Re: Packages with a history of security issues and whose packaged version is not up to date

To: debian-devel@lists.debian.org
Subject: Re: Packages with a history of security issues and whose packaged version is not up to date
From: Colin Watson <cjwatson@debian.org>
Date: Fri, 14 Feb 2025 17:12:48 +0000
Message-id: <[🔎] Z695kNODsSqpQg6H@riva.ucam.org>
Mail-followup-to: debian-devel@lists.debian.org
In-reply-to: <[🔎] E1tiwft-00000005fm0-0DL2@swivel>
References: <[🔎] Z65GJs21cJkGUwoC@voleno> <[🔎] lgq6rosm7vd2xhfcbbsjntva76mubzeg7yidojrrhmrudn3dtn@j4h3l4qwzh3p> <[🔎] E1tiwft-00000005fm0-0DL2@swivel>

On Fri, Feb 14, 2025 at 03:28:35PM +0100, Marc Haber wrote:
> Especially if the list just goes the (wrong) way of so many commercial
> security tools and/or consultants who just compare version numbers and
> flag our stable versions as vulnerable regardless whether we have
> patched vulnerabilities or not.

But it doesn't.  Santiago's using the data from the security tracker to
determine whether CVEs are open.

-- 
Colin Watson (he/him)                              [cjwatson@debian.org]

Reply to:

Follow-Ups:
- Re: Packages with a history of security issues and whose packaged version is not up to date
  - From: Marc Haber <mh+debian-devel@zugschlus.de>
- Re: Packages with a history of security issues and whose packaged version is not up to date
  - From: Chris Hofstaedtler <zeha@debian.org>
- Re: Packages with a history of security issues and whose packaged version is not up to date
  - From: Marco d'Itri <md@Linux.IT>

References:
- Packages with a history of security issues and whose packaged version is not up to date
  - From: Santiago Ruano Rincón <santiagorr@riseup.net>
- Re: Packages with a history of security issues and whose packaged version is not up to date
  - From: Chris Hofstaedtler <zeha@debian.org>
- Re: Packages with a history of security issues and whose packaged version is not up to date
  - From: Marc Haber <mh+debian-devel@zugschlus.de>

Prev by Date: Re: Packages with a history of security issues and whose packaged version is not up to date
Next by Date: Re: Packages with a history of security issues and whose packaged version is not up to date
Previous by thread: Re: Packages with a history of security issues and whose packaged version is not up to date
Next by thread: Re: Packages with a history of security issues and whose packaged version is not up to date
Index(es):
- Date
- Thread