[Secure-testing-team] update sid/testing fixed version in data/CVE/list based on DSA?

Yves-Alexis Perez corsac at debian.org
Wed May 30 14:24:23 UTC 2012


On mer., 2012-05-30 at 13:11 +0200, Yves-Alexis Perez wrote:
> A little correction, the fixed version is not added magically to
> data/CVE/list indeed, it's just used by the tracker to show the
> (supposed) fixed version, I mean the second part of the web page. But
> still, it'd be nice to have the sid/testing fixed version there too.
> I'll look at providing a patch. 

In fact, as confusing as it may be, it doesn't really make sense.

There are two data sources for fixed version:

* DSA/list for stable uploads
* CVE/list for sid uploads
(and, I guess, DTSA/list for testing uploads, though it's a bit
deprecated nowadays, but that might happen more often during a freeze?)

The thing is, we already put the sid/testing fixed version in the DSA
text, so we could as well put it in data/DSA/list and have it propagated
to CVE/list and the tracker by the scripts (which might actually be
already supported).

What do you think?

Regards,
-- 
Yves-Alexis
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20120530/62ea9b82/attachment.pgp>


More information about the Secure-testing-team mailing list