mirror of
https://git.yoctoproject.org/poky
synced 2026-01-29 21:08:42 +01:00
9b6d0d6e5a
The current security-related documentation is a bit hard to find and hidden within the development manual. However these are processes that are not part of a development task but is rather a vulnerability reporting process. Create a new "Security" section in the documentation to gather this information. This will be directly visible in the sidebar when opening the documentation. Split the previous security-subjects.rst document into 2 documents: - security-team.rst: defines the roles of the security teams and its members. - reporting-vulnerabilities.rst: guide to report vulnerabilities to the security team. The plan is to backport these documents to active releases. As a consequence, this section should be free of instructions and information that only make sense for a specific release. It should _not_ contain documents on how to enable security features with Yocto on target devices, this is unrelated and can be left in the development manual (for example: dev-manual/vulnerabilities.rst to deal with CVEs). (From yocto-docs rev: 80556704f8b60b5bf903da497909cfda7dd1b28b) Signed-off-by: Antonin Godard <antonin.godard@bootlin.com> (cherry picked from commit 81e14ca2d5cff9e2104c556655144b069633790c) Signed-off-by: Antonin Godard <antonin.godard@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>