doc: include CVE to EOL lines as sec release process

RafaelGSS · aduh95 · commit 92eeeb98a5fb · 2025-01-30T10:44:12.000+01:00
Refs: nodejs/security-wg#1401 PR-URL: #56520 Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com> Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com> Reviewed-By: Ulises Gascón <ulisesgascongonzalez@gmail.com>
diff --git a/doc/contributing/security-release-process.md b/doc/contributing/security-release-process.md
@@ -65,6 +65,8 @@ The current security stewards are documented in the main Node.js
 * [ ] 4\. **Requesting CVEs:**
   * Request CVEs for the reports with `git node security --request-cve`.
   * Make sure to have a green CI before requesting a CVE.
+  * Check if there is a need to issue a CVE for any version that became
+    EOL after the last security release through [this issue](https://github.com/nodejs/security-wg/issues/1419).
 
 * [ ] 5\. **Choosing or Updating Release Date:**
   * Get agreement on the planned date for the release.
