[GIT PULL] Updating the security-bugs document

Next message: Dmitry Baryshkov: "Re: [PATCH v5 3/5] misc: fastrpc: Fail Audio PD init when reserved memory is missing"
Previous message: Dmitry Baryshkov: "Re: [PATCH v5 2/5] misc: fastrpc: Remove buffer from list prior to unmap operation"
Next in thread: pr-tracker-bot: "Re: [GIT PULL] Updating the security-bugs document"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Jonathan Corbet

Date: Fri May 15 2026 - 09:49:09 EST

The following changes since commit 254f49634ee16a731174d2ae34bc50bd5f45e731:

Linux 7.1-rc1 (2026-04-26 14:19:00 -0700)

are available in the Git repository at:

git://git.kernel.org/pub/scm/linux/kernel/git/docs/linux.git tags/docs-7.1-fixes

for you to fetch changes up to f2e65e4e5b4b4b9ecf43f03c3fdbe8c9a8a43a9e:

docs: threat-model: don't limit root capabilities to CAP_SYS_ADMIN (2026-05-14 06:23:44 -0600)

----------------------------------------------------------------
This is Willy Tarreau's new document clarifying the definition and handling
of security-related bugs, which we're trying to get out there quickly on
the theory that some of the bug reporters might actually read and pay
attention to it.

----------------------------------------------------------------
Jonathan Corbet (2):
docs: security-bugs: add a link to the threat-model documentation
docs: threat-model: don't limit root capabilities to CAP_SYS_ADMIN

Willy Tarreau (3):
Documentation: security-bugs: do not systematically Cc the security team
Documentation: security-bugs: explain what is and is not a security bug
Documentation: security-bugs: clarify requirements for AI-assisted reports

Documentation/process/index.rst | 1 +
Documentation/process/security-bugs.rst | 106 +++++++++++++-
Documentation/process/threat-model.rst | 235 ++++++++++++++++++++++++++++++++
3 files changed, 340 insertions(+), 2 deletions(-)
create mode 100644 Documentation/process/threat-model.rst