[Secure-testing-team] [Secure-testing-commits] r13025 - data/CVE
Raphael Geissert
geissert at debian.org
Thu Oct 22 05:04:40 UTC 2009
Michael Gilbert wrote:
[...]
>
> may i re-suggest submitting a bug report when you don't have time to
> fully triage the issue so we can get more eyeballs on the problem
> sooner; hopefully leading to a more rapid response time (of course this
> is assuming an active and caring maintainer, which tends to not be the
> case most of the time)? it's easy with the report-vuln script.
>
In the case of at least one (IIRC) of the go-oo issues I think it was
already addressed by a CVE that was assigned to oo.o only. The amsn issue
is rather old and has probably been already fixed.
For those reasons I hesitated to file bug reports. Maybe we should bring
this up again and try to reach a concensus on whether we should try to
involve maintainers the most (without falling on the "the maintainer is
handling it so we have nothing to do" side).
Btw, it might be time to send a "bits from the sec and testing sec teams"
email.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
More information about the Secure-testing-team
mailing list