[Secure-testing-team] NVD cross-references
Florian Weimer
fw at deneb.enyo.de
Fri Oct 14 15:57:51 UTC 2005
I've added NVD cross references to the bug tracker. This means that
we can (in theory) use NVD's classification to filter bug reports.
For an example, go to
<http://idssi.enyo.de/tracker/status/release/stable>
and click on "Hide local vulnerabilities".
Unfortunately, I disagree with quite a few of NVD's classifications,
but they seem to err on the safe side, so to speak.
And, by the way, the tracker should be reasonably accurate for sarge
because I use a custom DSA/list file with proper fixed version
information.
More information about the Secure-testing-team
mailing list