git: cbd9256f85 - main - Vulnerability reporting: Ask for more information
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Thu, 07 May 2026 13:46:47 UTC
The branch main has been updated by emaste:
URL: https://cgit.FreeBSD.org/doc/commit/?id=cbd9256f85402c9710ee100a2d0b886d253deb5b
commit cbd9256f85402c9710ee100a2d0b886d253deb5b
Author: Ed Maste <emaste@FreeBSD.org>
AuthorDate: 2026-05-06 20:23:59 +0000
Commit: Ed Maste <emaste@FreeBSD.org>
CommitDate: 2026-05-07 13:46:16 +0000
Vulnerability reporting: Ask for more information
- Extend "Example code" to reference PoC explicitly
- Preferred "Credits" attribution
- AI use
Reviewed by: markj, oshogbo
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D56861
---
website/content/en/security/reporting.adoc | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/website/content/en/security/reporting.adoc b/website/content/en/security/reporting.adoc
index 1331f85dad..f38df608ab 100644
--- a/website/content/en/security/reporting.adoc
+++ b/website/content/en/security/reporting.adoc
@@ -27,7 +27,9 @@ All reports should contain at least:
* A description of the vulnerability.
* What versions of FreeBSD seem to be affected if possible.
* Any plausible workaround.
-* Example code if possible.
+* Example code if possible, including a minimal, self-contained proof of concept (PoC) where feasible.
+* The reporter's preferred form of attribution for the "Credits" line in any resulting Security Advisory, if desired.
+* Whether any automated tools or artificial intelligence systems were used as part of the discovery process, and if so, which tools or models.
Whenever possible, including the background, problem description, impact, and workaround (if applicable) using the templates for link:../advisory-template.txt[security advisories] and link:../errata-template.txt[errata notices] as appropriate would also be helpful.