From: Petr Špaček <pspacek@isc.org>
Date: Fri, 5 Jun 2026 10:48:47 +0000 (+0200)
Subject: Fixes must be merged ASAP into respective privat branch
X-Git-Url: http://git.ipfire.org/gitweb/index.cgi?a=commitdiff_plain;h=2368f12451e56fe242c5106a2d90caba9bb86973;p=thirdparty%2Fbind9.git

Fixes must be merged ASAP into respective privat branch

All Hands 2026 decision.
---

diff --git a/.gitlab/issue_templates/Internal_use_only-CVE.md b/.gitlab/issue_templates/Internal_use_only-CVE.md
index 62f2390b53e..bdcd086748b 100644
--- a/.gitlab/issue_templates/Internal_use_only-CVE.md
+++ b/.gitlab/issue_templates/Internal_use_only-CVE.md
@@ -44,13 +44,13 @@ confidential!
   - [ ] [:link:][step_review_fix]        **(SwEng)** Ensure the merge request with the fix is reviewed and has no outstanding discussions
   - [ ] [:link:][step_review_docs]       **(Support)** Review the documentation changes introduced by the merge request with the fix
   - [ ] [:link:][step_backports]         **(SwEng)** Prepare backports of the merge request addressing the problem for all affected (and still maintained) branches of a given product
+  - [ ] [:link:][step_merge_fixes]       **(SwEng)** Merge the CVE fixes and reproducer when they get approved
   - [ ] [:link:][step_finish_advisory]   **(Support)** Finish preparing the Security Advisory
   - [ ] [:link:][step_meta_issue]        **(QA)** Create (or update) the private issue containing links to fixes & reproducers for all CVEs fixed in a given release cycle
   - [ ] [:link:][step_coordinate_check]  **(SwEng)** Make sure other vendors are able to release on the date that was previously agreed upon
 
 ### Earlier Than T-5
 
-  - [ ] [:link:][step_merge_fixes]       **(QA)** Merge the CVE fixes in CVE identifier order
   - [ ] [:link:][step_evn_releases]      **(QA)** Prepare EVN releases (as outlined in the Release Checklist)
 
 ### At T-5