diff options
author | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2024-02-14 08:36:02 +0100 |
---|---|---|
committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2024-02-14 08:36:02 +0100 |
commit | eaf27da3939ce18a09955653c24c599fbdde0457 (patch) | |
tree | 2a41c259ffcc93e5c3a9d903352630762b7c9a52 | |
parent | c5abd30c1fa9fa3dd51457d179c195e9419f8da0 (diff) | |
download | vulns-eaf27da3939ce18a09955653c24c599fbdde0457.tar.gz |
form_letters: add more information and responses.
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
-rw-r--r-- | form_letters/bot_responses | 32 | ||||
-rw-r--r-- | form_letters/this_is_not_for_security_bugs | 16 |
2 files changed, 32 insertions, 16 deletions
diff --git a/form_letters/bot_responses b/form_letters/bot_responses new file mode 100644 index 00000000..a545d90e --- /dev/null +++ b/form_letters/bot_responses @@ -0,0 +1,32 @@ +Hi, + +This is the semi-friendly bot of the kernel CVE assignment team. I've +detected that you have sent a message that is not applicable for us to +handle for the following reason(s): + + - This alias, as per our documentation, is ONLY for assigning + CVEs for potential issues in the Linux kernel, it is NOT for + reporting potential bugs in the Linux kernel. Please read the + file Documentation/process/security_process.rst in the Linux + kernel source tree for who to contact about potential security + bugs. + + - You are writing asking for a CVE assignment for an issue that + we have previously determined does not require such an + assignment. If you dispute this resolution, please see the + documentation at: + https://www.cve.org/Resources/General/Policies/CVE-Record-Dispute-Policy.pdf + for how to properly start this process. + + - It seems that you are writing a message to dispute the + information in one, or more, of the CVE identifiers that we + have assigned to the kernel, yet you failed to properly + document your rationale for the dispute. To correctly do + this, please follow the documentation at: + https://www.cve.org/Resources/General/Policies/CVE-Record-Dispute-Policy.pdf + and send us an email with the requested information to start + the process. + +Sincerely, + +Linux CVE team's email bot diff --git a/form_letters/this_is_not_for_security_bugs b/form_letters/this_is_not_for_security_bugs deleted file mode 100644 index e17baa57..00000000 --- a/form_letters/this_is_not_for_security_bugs +++ /dev/null @@ -1,16 +0,0 @@ -Hi, - -This is the semi-friendly bot of the kernel CVE assignment team. I've detected -that you have sent a message that is not applicable for us to handle for the -following reason(s): - - - This list, as per our documentation, is ONLY for assigning CVEs to - existing kernel fixes that have been accepted into Linus's kernel - tree. You are reporting a potential bug in the kernel that is NOT - resolved, and so, this is NOT the place to do so. Please read the - kernel file Documentation/process/security_process.rst for who to - contact about potential security bugs. - -Sincerely, - -Linux CVE team's bot |