Include CVE IDs in Release Notes for Security Fixes
Use Case​
- Incubating: expected
- Active: expected
- Retiring: expected
Description​
Release Notes must Include the CVE ID of Patched Security Vulnerabilities
Details​
- Implementation Status: pending
- C-SCRM: false
- Priority Group: P7
- Sources: OpenSSF Best Practices Badge Passing Level [release_notes_vulns]
- Created at 2024-12-11T23:03:52.941Z
- Updated at 2024-12-11T23:03:52.941Z