Changes between Version 9 and Version 10 of QtWebKitSecurity


Ignore:
Timestamp:
Sep 27, 2011 2:13:29 PM (8 years ago)
Author:
Ademar Reis
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • QtWebKitSecurity

    v9 v10  
    1616
    1717Security issues are constantly found and fixed on trunk. In order to keep a supported version of !QtWebKit up-to-date, these issues have to be investigated and, if it's found that they affect QtWebKit, cherry-picked or backported into the stable branch.
     18
     19'''Important:''' Per WebKit.org policy, security bugs and vulnerability details are not listed in public announcements until vendors agree on a time and date for disclosure. Bugs usually remain closed to public scrutiny indefinitely. '''Special care should be taken when making release announcements''', specially semi-automated weekly announcements, where security bugs should have their titles omitted.
    1820
    1921To monitor trunk, we can use the {{{cherry-pick-into-release-branch.py}}} script. The option {{{--security-bugs-from}}} allows the filtering of a range of git commits to list which ones are security related. For example, to extract a list of security issues fixed in trunk since the branch creation, we can use the following command (notice you'll need proper bugzilla privileges and this will take a while, so you may want to do it incrementally):