FixingCVEs
Differences between revisions 2 and 4 (spanning 2 versions)
|
Size: 710
Comment:
|
Size: 1495
Comment:
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 1: | Line 1: |
| 1. Go to the [[https://spreadsheets.google.com/a/canonical.com/ccc?key=0AgFTUDTDyXredE92dFdsVGkxN1FMMWJabS0wZENLRWc&hl=en&ndplr=1#gid=0|kernel team's CVE spreadsheet]], pick out a CVE to work on and put your username in the "Assignee" column, next to the CVE you picked. 1. Create a Launchpad Bug for the targeted CVE. * Use the CVE id as the title for the bug. * Use the Description from the CVE tracker link as the bug description. * Add the tag: "kernel-cve-tracker" 1. Add the Launchpad Bug link to the [[https://spreadsheets.google.com/a/canonical.com/ccc?key=0AgFTUDTDyXredE92dFdsVGkxN1FMMWJabS0wZENLRWc&hl=en&ndplr=1#gid=0|kernel team's CVE spreadsheet]] in the Bug Number column for the CVE. |
1. Go to the [[https://spreadsheets.google.com/a/canonical.com/ccc?key=0AgFTUDTDyXredE92dFdsVGkxN1FMMWJabS0wZENLRWc&hl=en&ndplr=1#gid=0|kernel team's CVE spreadsheet]], pick out a CVE to work on and put your username in the "Assignee" column, next to the CVE you picked. 1. Create a Launchpad Bug for the targeted CVE. * Use the CVE id as the title for the bug. * Use the Description from the CVE tracker link as the bug description. * Add the tag: "kernel-cve-tracker" 1. Add the Launchpad Bug link to the [[https://spreadsheets.google.com/a/canonical.com/ccc?key=0AgFTUDTDyXredE92dFdsVGkxN1FMMWJabS0wZENLRWc&hl=en&ndplr=1#gid=0|kernel team's CVE spreadsheet]] in the Bug Number column for the CVE. {{{ STEAM='lp:~ubuntu-security/ubuntu-cve-tracker/master' KTEAM='lp:~canonical-kernel-team/ubuntu-cve-tracker/kernel-team' To create the branch: * bzr branch $KTEAM In tracker branch (this syncing should probably be scripted): * bzr pull $KTEAM * bzr commit -m "Saving local changes" * bzr push $KTEAM * bzr missing -q --theirs-only --line $STEAM | tee ../msg If ../msg is not empty * bzr merge $STEAM * bzr commit -m "$(cat ../msg)" * bzr push $KTEAM After changing the anything in an active/CVE-* file !! WARNING: bzr includes *all* files changed in the branch dir to the commit * bzr commit -m "<this is my message to the world>" * bzr push $KTEAM Useful for cleaning up previous commit (commit undone, changes not) * bzr uncommit }}} |
Go to the kernel team's CVE spreadsheet, pick out a CVE to work on and put your username in the "Assignee" column, next to the CVE you picked.
- Create a Launchpad Bug for the targeted CVE.
- Use the CVE id as the title for the bug.
- Use the Description from the CVE tracker link as the bug description.
- Add the tag: "kernel-cve-tracker"
Add the Launchpad Bug link to the kernel team's CVE spreadsheet in the Bug Number column for the CVE.
STEAM='lp:~ubuntu-security/ubuntu-cve-tracker/master' KTEAM='lp:~canonical-kernel-team/ubuntu-cve-tracker/kernel-team' To create the branch: * bzr branch $KTEAM In tracker branch (this syncing should probably be scripted): * bzr pull $KTEAM * bzr commit -m "Saving local changes" * bzr push $KTEAM * bzr missing -q --theirs-only --line $STEAM | tee ../msg If ../msg is not empty * bzr merge $STEAM * bzr commit -m "$(cat ../msg)" * bzr push $KTEAM After changing the anything in an active/CVE-* file !! WARNING: bzr includes *all* files changed in the branch dir to the commit * bzr commit -m "<this is my message to the world>" * bzr push $KTEAM Useful for cleaning up previous commit (commit undone, changes not) * bzr uncommit
Kernel/Dev/FixingCVEs (last edited 2011-05-18 22:25:50 by static-50-53-98-161)