Bug#1001453: limit scope as 1001451 will provide some parts

To: 1001453@bugs.debian.org
Subject: Bug#1001453: limit scope as 1001451 will provide some parts
From: Neil Williams <codehelp@debian.org>
Date: Fri, 17 Dec 2021 10:27:43 +0000
Message-id: <[🔎] 20211217102743.0f90f5b1@felix.codehelp>
Reply-to: Neil Williams <codehelp@debian.org>, 1001453@bugs.debian.org
References: <[🔎] 163913378559.129743.15981572026706783938.reportbug@felix.codehelp>

Just to update the scope of this new support for the security-tracker,
this part is to be covered by 1001451

- mark CVE <ID> as fixed in unstable in version <VERSION>

e.g. ./bin/grab-cve-in-fix --src freerdp2 --cve CVE-2021-41159

(I'm just finalising a script for that bug.)

The grab-cve-in-fix support has parsers for different kinds of line
sources for the list of CVEs fixed in unstable by a particular upload.

I'll work on this bug to provide a helper along these lines:

- mark not-affected
- add bug number
- add a NOTE

Something like:

./bin/update-vuln --cve CVE-2021-41159 [--not-affected | --bug | --note]

Like grab-cve-in-fix, this would write out a file suitable for manual
review and merge using ./bin/merge-cve-files

-- 
Neil Williams
=============
https://linux.codehelp.co.uk/

Attachment: pgpbuM19ne0DZ.pgp
Description: OpenPGP digital signature

Reply to:

References:
- Bug#1001453: security-tracker: extend support for bug reporting to update the CVE list with the bug number
  - From: Neil Williams <codehelp@debian.org>

Prev by Date: External check
Next by Date: Bug#1001451: Candidate script
Previous by thread: Bug#1001453: security-tracker: extend support for bug reporting to update the CVE list with the bug number
Next by thread: Bug#1001453: security-tracker: extend support for bug reporting to update the CVE list with the bug number
Index(es):
- Date
- Thread