Re: Audit of Debian/Ubuntu for unfixed vulnerabilities because of embedded code copies

To: debian-devel@lists.debian.org
Subject: Re: Audit of Debian/Ubuntu for unfixed vulnerabilities because of embedded code copies
From: Bastian Blank <waldi@debian.org>
Date: Mon, 2 Jul 2012 12:38:44 +0200
Message-id: <[🔎] 20120702103844.GB24474@wavehammer.waldi.eu.org>
Mail-followup-to: debian-devel@lists.debian.org
In-reply-to: <[🔎] CA+ygN1LxTeSFSt45qDC2KLKbYUWTqPvrm5ZHvEjjoEkuDL4f5g@mail.gmail.com>
References: <[🔎] CA+ygN1LxTeSFSt45qDC2KLKbYUWTqPvrm5ZHvEjjoEkuDL4f5g@mail.gmail.com>

On Mon, Jul 02, 2012 at 06:53:54PM +1000, Silvio Cesare wrote:
> I recently ran the tool and cross referenced identified code copies with
> Debian's security tracking of affected packages by CVE. I did this for all
> CVEs in 2010, 2011, and 2012.

Can this tool be used to identify all code copies, regardless of CVE?

Bastian

-- 
Insults are effective only where emotion is present.
		-- Spock, "Who Mourns for Adonais?"  stardate 3468.1

Reply to:

Follow-Ups:
- Re: Audit of Debian/Ubuntu for unfixed vulnerabilities because of embedded code copies
  - From: Paul Wise <pabs@debian.org>

References:
- Audit of Debian/Ubuntu for unfixed vulnerabilities because of embedded code copies
  - From: Silvio Cesare <silvio.cesare@gmail.com>

Prev by Date: Re: Audit of Debian/Ubuntu for unfixed vulnerabilities because of embedded code copies
Next by Date: Bug#679905: ITP: cctbx -- Computational Crystallography Toolbox
Previous by thread: Re: Audit of Debian/Ubuntu for unfixed vulnerabilities because of embedded code copies
Next by thread: Re: Audit of Debian/Ubuntu for unfixed vulnerabilities because of embedded code copies
Index(es):
- Date
- Thread