Re: Audit of Debian/Ubuntu for unfixed vulnerabilities because of embedded code copies
> Has there been any progress with this project? I am glad to help if
> there is something I can do? This is needed in my opinion.
You could try to run the scripts I created in the debian-security svn
repository, and see how they could be improved. I have not had time
to work much on this issue for a long time, and this is unlikely to
change any time soon. :(
You can try to add CPE info to a few packages to test the proposal,
and see if it make tracking easier.
But first and foremost, you can try to figure out what need to be done
to move the idea forward, as I lack the time to do so myself. :(
If you want more direct feedback from me, we could meet on IRC to
exchange knowledge. Otherwise, you can ask using email.