[Secure-testing-team] [Secure-testing-commits] r13052 - data/CVE
Michael Gilbert
michael.s.gilbert at gmail.com
Mon Oct 19 23:09:34 UTC 2009
On Mon, 19 Oct 2009 19:00:07 -0400, Michael Gilbert wrote:
> On Mon, 19 Oct 2009 22:46:26 +0000, Moritz Muehlenhoff wrote:
> > Author: jmm-guest
> > Date: 2009-10-19 22:46:26 +0000 (Mon, 19 Oct 2009)
> > New Revision: 13052
> >
> > Modified:
> > data/CVE/list
> > Log:
> > revert, don't convert TODOs to unfixed entries unless you've looked
> > into the actual issue
>
> it's not really a TODO for the secure-testing team anymore now that it's
> handed over to kernel-sec, but i accept your changes since it's somewhat
> irrelevant whether we track it as a TODO or an open issue.
oh, and not to complain, but part of the reason why these issues weren't
on anyone's plate (for five years no less) is the fact that they were
being tracked as TODOs in our tracker. consequently, they were never
addressed or even considered for passing on to kernel-sec. it may have
been a different story if they were tracked as open issues since they
would appear in debsecan and on the tracker pages where many eyeballs
are looking.
mike
More information about the Secure-testing-team
mailing list