[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Dealing with renamed source packages during CVE triaging

On Tue, Mar 28, 2017 at 03:11:41PM +0200, Raphael Hertzog wrote:
> Hello,
> So it looks like we have to tweak our worflow and/or build something
> to make sure that we do not miss to handle issues in such packages.
> What do you think ? What would be the proper approach ?

I'd suggest a cron job running once or twice per day, which keeps
a table of (current source package name / old source package name(s))
and adds SOURCEPACKAGE <undetermined> for the older source package.
These can then be set to <unfixed> or <not-affected> after manual


Reply to: