Re: Debconf 2017 LTS BoF Summary

To: Roberto C. Sánchez <roberto@debian.org>, debian-lts@lists.debian.org, team@security.debian.org
Subject: Re: Debconf 2017 LTS BoF Summary
From: Moritz Mühlenhoff <jmm@inutil.org>
Date: Wed, 9 Aug 2017 13:28:01 +0200
Message-id: <[🔎] 20170809112801.etanpwirzjgy5kwe@pisco.westfalen.local>
In-reply-to: <[🔎] 20170809111115.GD15896@connexer.com>
References: <[🔎] 20170807010731.az5h25xtxgmjr3pp@bogon.m.sigxcpu.org> <[🔎] 20170807134257.oicfvxowwwbwlut7@bogon.m.sigxcpu.org> <[🔎] 20170807180434.GB53965@santiago.connexer.com> <[🔎] 20170807181324.xiebnyywoc62mkx5@centurion.befour.org> <[🔎] 20170807193640.pyixaupmll673ri7@bogon.m.sigxcpu.org> <[🔎] 20170807194741.GC53965@santiago.connexer.com> <[🔎] 20170808135322.fcvghfedyincfuiz@bogon.m.sigxcpu.org> <[🔎] 20170809031736.zwv4jybsfvztz5ds@bogon.m.sigxcpu.org> <[🔎] 20170809111115.GD15896@connexer.com>

On Wed, Aug 09, 2017 at 07:11:16AM -0400, Roberto C. Sánchez wrote:
> > * license of CVE text is unclear -> Moritz rewrites from scratch
> >   - generic description of the issue instead of details of functions
> > 
> Is it still OK to use verbatim text from a DSA in a DLA?  It seems like
> that should be OK, and it is something I do sometimes, as the DSAs are
> frequently published first and I feel like sharing the same summary text
> regarding a particular vulnerability keeps everything consistent.

Definitely, feel free to do that. My concern was only about the CVE
descriptions published at mitre.org

Cheers,
       Moritz

Reply to:

References:
- LTS team Bof at Debconf
  - From: Guido Günther <agx@sigxcpu.org>
- Re: LTS team Bof at Debconf
  - From: Guido Günther <agx@sigxcpu.org>
- Re: LTS team Bof at Debconf
  - From: Roberto C. Sánchez <roberto@debian.org>
- Re: LTS team Bof at Debconf
  - From: Sébastien Delafond <seb@debian.org>
- Re: LTS team Bof at Debconf
  - From: Guido Günther <agx@sigxcpu.org>
- Re: LTS team Bof at Debconf
  - From: Roberto C. Sánchez <roberto@debian.org>
- Re: LTS team Bof at Debconf
  - From: Guido Günther <agx@sigxcpu.org>
- Debconf 2017 LTS BoF Summary
  - From: Guido Günther <agx@sigxcpu.org>
- Re: Debconf 2017 LTS BoF Summary
  - From: Roberto C. Sánchez <roberto@debian.org>

Prev by Date: Re: Debconf 2017 LTS BoF Summary
Next by Date: Wheezy update of giflib?
Previous by thread: Re: Debconf 2017 LTS BoF Summary
Next by thread: Re: Debconf 2017 LTS BoF Summary
Index(es):
- Date
- Thread