[Secure-testing-team] Security update for fuse
Bartosz Fenski aka fEnIo
fenio at debian.org
Tue Jun 7 19:16:09 UTC 2005
On Tue, Jun 07, 2005 at 08:59:47AM +0200, Martin Schulze wrote:
> > > . please forward it upstream
> >
> > Upstream knows it already and that was the reason to release 2.3.0 version.
>
> But upstream probably doesn't know about the CVE id.
>
> CAN-2005-nnnn a unique identifier for a vulnerability in a software
> package. The database behind this is maintained at MITRE's Common
> Vulnerabilities and Exposures project <http://cve.mitre.org/cve/>.
> Details for such an id are available after a few days of quarantaine
> at <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-nnnn>.
>
> Many vendors (both propriatery and Free Software) participate in this
> database and assign the id to vulnerability reports or updates they
> produce. These IDs help us security people generally for identifying
> if a given package is fixed or if a given update fixes which problem.
> Please mention this ID in the changelog and/or project announcements.
Ok. He's CCed in this message.
Thanks for comments.
regards
fEnIo
--
,''`. Bartosz Fenski | mailto:fenio at debian.org | pgp:0x13fefc40 | irc:fEnIo
: :' : 32-050 Skawina - Glowackiego 3/15 - w. malopolskie - Poland
`. `' phone:+48602383548 | proud Debian maintainer and user
`- http://skawina.eu.org | jid:fenio at jabber.org | rlu:172001
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20050607/6355d2ef/attachment.pgp
More information about the Secure-testing-team
mailing list