
Re: [SECURITY] [DLA 532-1] movabletype-opensource security update

On Tue, Jun 28, 2016 at 08:55:32AM +0100, Chris Lamb wrote:
> > so that you stop doing the same mistake over and over.
> I think it might be unfair to characterise this as "over and over" when it has occurred twice AFAIK, especially when the file is not even in the same repository..
> > take some time to improve ~/bin/lts-cve-triage.py to show
> > unsupported packages in a special status

Thanks for looking into this!

This seems to silently hardcode wheezy without a way to override (so we
might end up forgetting to bump this when switching to jessie):

class UnsupportedPackages(set)
+    def __init__(self, debian_version=7, update_cache=True):
+        self.debian_version = debian_version
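
Review bot: the default debian_version=7 in the __init__ signature fixes the release for every caller that omits the argument, so a release switch depends on someone remembering to edit this line. Consider dropping the default so callers must pass the release explicitly, or reading it from one named constant or a command-line option, and add a docstring stating what debian_version and update_cache control.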

It'd also be nicer to not silently drop unsupported packages but add them
to a special section since we still need to triage the CVEs (mark them as
unsupported in data/CVE/list).

 -- Guido
