Skip to content

Commit

Permalink
doc: add suggestion for OpenSSL only sec releases
Browse files Browse the repository at this point in the history
Fixes: nodejs/TSC#1187

Signed-off-by: Michael Dawson <[email protected]>

PR-URL: #42456
Reviewed-By: Darshan Sen <[email protected]>
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Danielle Adams <[email protected]>
Reviewed-By: Tobias Nießen <[email protected]>
  • Loading branch information
mhdawson authored and juanarbol committed Apr 4, 2022
1 parent 4dfc29d commit 607a5ca
Showing 1 changed file with 11 additions and 0 deletions.
11 changes: 11 additions & 0 deletions doc/contributing/security-release-process.md
Original file line number Diff line number Diff line change
Expand Up @@ -74,6 +74,17 @@ The current security stewards are documented in the main Node.js
(Re-PR the pre-approved branch from nodejs-private/nodejs.org-private to
nodejs/nodejs.org)
If the security release will only contain an OpenSSL update consider
adding the following to the pre-release announcement:
```text
Since this security release will only include updates for OpenSSL, if you're using
a Node.js version which is part of a distribution which uses a system
installed OpenSSL, this Node.js security update might not concern you. You may
instead need to update your system OpenSSL libraries, please check the
security announcements for the distribution.
```

* [ ] Pre-release announcement [email][]: _**LINK TO EMAIL**_
* Subject: `Node.js security updates for all active release lines, Month Year`
* Body:
Expand Down

0 comments on commit 607a5ca

Please sign in to comment.