From: Daniel P. Berrangé <[email protected]> Warn that a security issue must have the "confidential" flag set and that any findings from automated tools must be validated before submission.
Signed-off-by: Daniel P. Berrangé <[email protected]> Message-ID: <[email protected]> Signed-off-by: Alex Bennée <[email protected]> --- .gitlab/issue_templates/bug.md | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/.gitlab/issue_templates/bug.md b/.gitlab/issue_templates/bug.md index e20f586008d..faeeb002252 100644 --- a/.gitlab/issue_templates/bug.md +++ b/.gitlab/issue_templates/bug.md @@ -13,8 +13,9 @@ older than this should be reported to the distribution instead. See https://www.qemu.org/contribute/report-a-bug/ for additional guidance. -If this is a security issue, please consult -https://www.qemu.org/contribute/security-process/ +If this is a security issue, ensure this ticket is marked 'confidential' +before submission. See https://www.qemu.org/contribute/security-process/ +for additional guidance --> ## Host environment @@ -49,6 +50,12 @@ https://www.qemu.org/contribute/security-process/ 2. 3. +<!-- +Note: if this issue was discovered with the assistance of automated +tooling LLM, static analysis, fuzzers), the reporter must disclose +that in the description. The steps to reproduce, and any other findings, +must be fully validated by the user of the tool prior to submission. +--> ## Additional information -- 2.47.3
