Include CVE IDs in Release Notes for Security Fixes
Use Case​
- Incubating: expected
- Active: expected
- Retiring: expected
Description​
Release Notes must Include the CVE ID of Patched Security Vulnerabilities
Details​
- Implementation Status: pending
- C-SCRM: false
- Priority Group: P7
- Sources: OpenSSF Best Practices Badge Passing Level [release_notes_vulns]
- Created at 2024-12-18T20:19:27.410Z
- Updated at 2024-12-18T20:19:27.410Z