[llvm] Improve description of what is considered a security issue (PR #147035)
Peter Smith via llvm-commits
llvm-commits at lists.llvm.org
Fri Jul 4 07:02:14 PDT 2025
================
@@ -204,6 +204,11 @@ The LLVM Security Policy may be changed by majority vote of the LLVM Security Re
What is considered a security issue?
====================================
+Below, with "security-sensitive", we mean that a discovered bug or vulnerability
----------------
smithp35 wrote:
Some possible alternatives for wording.
We define "security-sensitive" to mean that a discovered bug or vulnerability may require coordinated disclosure, and therefore should be ...
perhaps even "vulnerability is serious enough to require coordinated disclosure."
https://github.com/llvm/llvm-project/pull/147035
More information about the llvm-commits
mailing list