Phriction Trusted Firmware Collaboration TF-M Security Patch Release Process History Version 12 vs 13
Version 12 vs 13
Version 12 vs 13
Edits
Edits
- Edit by Anton-TF, Version 13
- May 17 2022 11:02 AM
- Edit by michaelthomasj, Version 12
- Aug 3 2021 4:17 PM
| « Previous Change | Most Recent Change |
| Edit Older Version 12... | Edit Current Version 13... |
Content Changes
Content Changes
(WARNING) Draft in review
This document outlines the proposal for applying TF-M security fixes to latest release and the testing policy of such releases.
**Updated proposal including feedback gathered over the time. 7/6/21**
- A security vulnerability found and fixed at any moment will result in said fixes applied to the latest release and tagged with an incremented hotfix number. I.e., having the latest tag v1.4.0, a new security fix will be staged by v1.4.1.
- There will be no fixes for past versions to avoid LTS maintenance and backporting overheads.
- The fix shall be tested using the standard regression test suite on Arm reference platform, agreed by maintainers.
**Previous text moved in to the comment below**
This document outlines the proposal for applying TF-M security fixes to latest release and the testing policy of such releases.
**Updated proposal including feedback gathered over the time. 7/6/21**
- A security vulnerability found and fixed at any moment will result in said fixes applied to the latest release and tagged with an incremented hotfix number. I.e., having the latest tag v1.4.0, a new security fix will be staged by v1.4.1.
- There will be no fixes for past versions to avoid LTS maintenance and backporting overheads.
- The fix shall be tested using the standard regression test suite on Arm reference platform, agreed by maintainers.
**Previous text moved in to the comment below**
(WARNING) Draft in review
This document outlines the proposal for applying TF-M security fixes to latest release and the testing policy of such releases.
**Updated proposal including feedback gathered over the time. 7/6/21**
- A security vulnerability found and fixed at any moment will result in said fixes applied to the latest release and tagged with an incremented hotfix number. I.e., having the latest tag v1.4.0, a new security fix will be staged by v1.4.1.
- There will be no fixes for past versions to avoid LTS maintenance and backporting overheads.
- The fix shall be tested using the standard regression test suite on Arm reference platform, agreed by maintainers.
**Previous text moved in to the comment below**