Bug#784214: allow manual override for the regression DLA/DSA Id
On 4 May 2015 at 09:09, Mike Gabriel <mike.gabriel@das-netzwerkteam.de> wrote:
[...]
> attached is a patch that adds manual DLA/DSA id override support if an
> upload tackles a regression already announce via an earlier DSA/DLA.
>
> Current use case / example:
>
> xorg-server <ver>+deb6u1 (DLA-120-1) fixed CVE-2014-8092
> xorg-server <ver>+deb6u2 (DLA-218-1) fixed some other CVE (irrelevant here)
> xorg-server <ver>+deb6u3 (DLA-120-2) fixes CVE-2015-3418 (regression of
> fix for CVE-2014-8092)
>
> At the moment: when using bin/genDLA like this:
>
> $ bin/gen-DLA --save xorg-server regression CVE-2015-3418
$ bin/gen-DLA
usage: bin/gen-DLA [--save] [--embargoed|--unembargo] [DLA] package
[regression] [cve(s) [bugnumber(s)]]
'DLA' is the DLA number, required when issuing a revision
'cve(s)' and 'bugnumber(s)' can be passed in any order but
always AFTER the description
If it doesn't like your bug number, prefix it with # and report
$ bin/gen-DLA 120-2 xserver-xorg regression
...
Perhaps that's enough?
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
Reply to: