On Fri, 10 Dec 2021 10:56:25 +0000 Neil Williams <codehelp@debian.org> wrote: > A tool to automate a syntactically correct change to a specific CVE > would be a useful extension of this support, not just to add the bug > number once the email is received from the BTS but to also make other > standard changes: > > - mark a given released suite (stable/oldstable/LTS) as <not-affected> For this operation, should <not-affected> clear only specific kinds for the specified suite? e.g. if kind==fixed, then version would need to be unset for the CVE to show as not-affected & any bug number might also have to be cleared if the suite was specified as sid? Should annotations like "Minor issue" be retained or removed? Or should the script refuse to change kind==fixed & possibly others & maybe only make changes if kind is None? -- Neil Williams ============= https://linux.codehelp.co.uk/
Attachment:
pgp8tPK5Gq6Tj.pgp
Description: OpenPGP digital signature