docs/SECURITY-PROCESS: now we name the files after the CVE id

author Daniel Stenberg <daniel@haxx.se>

Mon, 20 Aug 2018 09:49:58 +0000 (11:49 +0200)

committer Daniel Stenberg <daniel@haxx.se>

Mon, 20 Aug 2018 09:49:58 +0000 (11:49 +0200)
author Daniel Stenberg <daniel@haxx.se>
Mon, 20 Aug 2018 09:49:58 +0000 (11:49 +0200)
committer Daniel Stenberg <daniel@haxx.se>
Mon, 20 Aug 2018 09:49:58 +0000 (11:49 +0200)
diff --git a/docs/SECURITY-PROCESS.md b/docs/SECURITY-PROCESS.md

index 0db6403c6693f78c9bf77abf0d20876544f72613..6ef7757caf7f941df1ab9821acaacc8371c13fa6 100644 (file)
--- a/docs/SECURITY-PROCESS.md
+++ b/docs/SECURITY-PROCESS.md
@@ -109,17 +109,12 @@ Publishing Security Advisories
  1. Write up the security advisory, using markdown syntax. Use the same
     subtitles as last time to maintain consistency.
  
-2. Name the advisory file (and ultimately the URL to be used when the flaw
-   gets published), using a randomized component so that third parties that
-   are involved in the process for each individual flaw will not be given
-   insights about possible *other* flaws worked on in parallel.
-   `adv_YEAR_RANDOM.md` has been used before.
+2. Name the advisory file after the allocated CVE id.
  
  3. Add a line on the top of the array in `curl-www/docs/vuln.pm'.
  
  4. Put the new advisory markdown file in the curl-www/docs/ directory. Add it
-   to the git repo.  Update the Makefile in the same directory to build the
-   HTML representation.
+   to the git repo.
  
  5. Run `make` in your local web checkout and verify that things look fine.
author	Daniel Stenberg <daniel@haxx.se>
	Mon, 20 Aug 2018 09:49:58 +0000 (11:49 +0200)
committer	Daniel Stenberg <daniel@haxx.se>
	Mon, 20 Aug 2018 09:49:58 +0000 (11:49 +0200)