Re: [PATCH 3/3] Documentation: security-bugs: clarify requirements for AI-assisted reports

Next message: Chuck Lever: "[PATCH 05/18] SUNRPC: Prepare crypto/krb5 encryption and checksum handles"
Previous message: Chuck Lever: "[PATCH 04/18] SUNRPC: Add errno-to-GSS status conversion helper"
In reply to: Willy Tarreau: "Re: [PATCH 3/3] Documentation: security-bugs: clarify requirements for AI-assisted reports"
Next in thread: Willy Tarreau: "[PATCH 2/3] Documentation: security-bugs: explain what is and is not a security bug"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Greg KH

Date: Mon Apr 27 2026 - 09:55:08 EST

On Sun, Apr 26, 2026 at 06:39:14PM +0200, Willy Tarreau wrote:
> AI tools are increasingly used to assist in bug discovery. While these
> tools can identify valid issues, reports that are submitted without
> manual verification often lack context, contain speculative impact
> assessments, or include unnecessary formatting. Such reports increase
> triage effort, waste maintainers' time and may be ignored.
>
> Reports where the reporter has verified the issue and the proposed fix
> typically meet quality standards. This documentation outlines specific
> requirements for length, formatting, and impact evaluation to reduce
> the effort needed to deal with these reports.
>
> Cc: Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx>
> Signed-off-by: Willy Tarreau <w@xxxxxx>
> ---
> Documentation/process/security-bugs.rst | 55 +++++++++++++++++++++++++
> 1 file changed, 55 insertions(+)

Nice addition!

Acked-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>