Can we have a possibility to select field like "affected version" and have it such that multiple versions can be specified On Apr 18, 2016 3:27 AM, "Burton, Ross" <ross.bur...@intel.com> wrote:
> Hi, > > At the moment we don't really have a policy for oe-core bugs in > bugzilla.yoctoproject.org that apply to multiple releases, for example > https://bugzilla.yoctoproject.org/show_bug.cgi?id=9400. This is a CVE > bug that should be fixed in all supported branches, and indeed Sona has > sent patches for Fido/Dizzy/Jethro/master. Of course now we've got to > track where these patches are in the submission process and ensure that we > don't drop any of these, but bugzilla only has a single target milestone > for each bug. > > I propose that for bugs such as this we file a bug report for master and > then clone it (there's a Clone This Bug button at the bottom) for each > stable release that is affected. Then each bug can have it's own target > milestone set and we can be sure that the patches don't get left out of > being merged and that QA can effectively verify each branch. > > Any objection or feedback? (the first person to suggest moving to Jira > gets to manually review all CVEs from CVE-1999-0001 onwards are fixed in > krogoth). > > Ross > > -- > _______________________________________________ > Openembedded-core mailing list > openembedded-c...@lists.openembedded.org > http://lists.openembedded.org/mailman/listinfo/openembedded-core > >
-- _______________________________________________ yocto mailing list yocto@yoctoproject.org https://lists.yoctoproject.org/listinfo/yocto
