Suggestion: Marking of commits that fix vulnerabilities #7456

rebroad opened this issue on February 1, 2016
  1. rebroad commented at 4:14 PM on February 1, 2016: contributor

    I've seen discussions where forks of the bitcoin code are missing important fixes to vulnerabilities, and I'm wondering if it can be made more obvious which commits are the important ones. Can this be addressed?

  2. laanwj commented at 5:27 PM on February 1, 2016: member

    Not against this, but I don't think this can be practically enforced. Though we could try adding a "security" category and adding it to security-related issues.

    (In some pressing cases, there could be reasons to reveal this only after the fact, to prevent widespread abuse of a vulnerability before the fix can be deployed.)

  3. laanwj added the label Brainstorming on Feb 1, 2016
  4. luke-jr commented at 7:13 PM on February 1, 2016: member

    The ideal way IMO would be to flag the commits on the applicable CVE wiki page. This allows post-hoc addition of the information.

  5. laanwj commented at 9:23 AM on February 4, 2016: member

    For critical issues @luke-jr's suggestion is certainly the way to go. This is similar to what other projects do.

  6. MarcoFalke commented at 5:28 PM on April 26, 2020: member
  7. MarcoFalke closed this on Apr 26, 2020

  8. DrahtBot locked this on Feb 15, 2022


This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-04-22 18:15 UTC
