Changes between Version 9 and Version 10 of QtWebKitSecurity
- Timestamp:
- Sep 27, 2011, 2:13:29 PM (14 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
QtWebKitSecurity
v9 v10 16 16 17 17 Security issues are constantly found and fixed on trunk. In order to keep a supported version of !QtWebKit up-to-date, these issues have to be investigated and, if it's found that they affect QtWebKit, cherry-picked or backported into the stable branch. 18 19 '''Important:''' Per WebKit.org policy, security bugs and vulnerability details are not listed in public announcements until vendors agree on a time and date for disclosure. Bugs usually remain closed to public scrutiny indefinitely. '''Special care should be taken when making release announcements''', specially semi-automated weekly announcements, where security bugs should have their titles omitted. 18 20 19 21 To monitor trunk, we can use the {{{cherry-pick-into-release-branch.py}}} script. The option {{{--security-bugs-from}}} allows the filtering of a range of git commits to list which ones are security related. For example, to extract a list of security issues fixed in trunk since the branch creation, we can use the following command (notice you'll need proper bugzilla privileges and this will take a while, so you may want to do it incrementally):