Fixed initialisation of sizeof_ssl_backend_data #2083
dscho left a comment
I think that the change that removes the
This was referenced
Nov 16, 2017
referenced this pull request
Nov 17, 2017
As mentioned in documentation:
Is that an unclear description?
@bagder Think it is clear. Nice that you know where to look to this description. Hope others will read documentation too and will not blame me about short commit descriptions.
@bagder So, what's the decision for bug qualification? Is it security bug or not? Should I publish more information about it?
@Karlson2k for security sensitive bugs, nothing should be posted about it in public (until the publication date) so that we don't risk hurt existing users unnecessarily. So as long as a bug is considered a security issue, it should not be posted on github and there should be no public PR about it. Explained in our security development process document.
PRs that aren't security issues should have as good commit messages as possible. They should therefor never be shortened or held back for security reasons, since if they were security sensitive they shouldn't be public in the first place!