oss-fuzz/docs/life_of_a_bug.md

# Life of a bug

## New bugs

New crashes with security implications are automatically filed into our [bug
tracker](https://bugs.chromium.org/p/oss-fuzz/issues/list). These issues are not
viewable by the public, but library developers can be automatically CC'ed on
these issues, granting access.

These bugs contain a link to a ClusterFuzz report, which contains crash details
along with a testcase that can be downloaded. This can only be accessed by
people who are CC'ed on the bug (requires a Google account).

## Fixing

Once the bug is fixed, our fuzzing infrastructure (ClusterFuzz) automatically
verifies the fix, adding a comment and closing the bug.

## Disclosure deadlines.

TBD. Bugs will be automatically derestricted after a certain time once they're
made available to the library developers, or when they're fixed.
Add initial life of a bug documentation. 2016-10-17 17:23:28 +00:00			`# Life of a bug`

			`## New bugs`

			`New crashes with security implications are automatically filed into our [bug`
			`tracker](https://bugs.chromium.org/p/oss-fuzz/issues/list). These issues are not`
			`viewable by the public, but library developers can be automatically CC'ed on`
			`these issues, granting access.`

			`These bugs contain a link to a ClusterFuzz report, which contains crash details`
			`along with a testcase that can be downloaded. This can only be accessed by`
			`people who are CC'ed on the bug (requires a Google account).`

			`## Fixing`

			`Once the bug is fixed, our fuzzing infrastructure (ClusterFuzz) automatically`
			`verifies the fix, adding a comment and closing the bug.`

			`## Disclosure deadlines.`

			`TBD. Bugs will be automatically derestricted after a certain time once they're`
			`made available to the library developers, or when they're fixed.`