Re: CVE ID missed in DLA, squid3

To: debian-lts@lists.debian.org,Markus Koschany <apo@debian.org>
Subject: Re: CVE ID missed in DLA, squid3
From: Abhijith PA <abhijith@disroot.org>
Date: Sat, 10 Nov 2018 20:17:21 +0530
Message-id: <[🔎] 99FE316A-AE45-4DD7-8A70-D49487D21518@disroot.org>
In-reply-to: <[🔎] fd39faac-b7b9-5768-27d2-6dead3080933@debian.org>
References: <[🔎] 4d181c31-4a1e-978d-8439-323fecd2c02a@disroot.org> <[🔎] fd39faac-b7b9-5768-27d2-6dead3080933@debian.org>


On 10 November 2018 7:40:02 PM IST, Markus Koschany <apo@debian.org> wrote:
>Hi,
>
>Am 10.11.18 um 13:38 schrieb Abhijith PA:
>> Hello.
>> 
>> 
>> What we should do when we miss to specify a CVE ID in a DLA/DSA ? Can
>we
>> just normally insert in next advisory release.? For eg: DLA-478-1[1]
>> released for squid3 on 16 May 2016 missed to mention 'CVE-2016-3948'.
>
>
>You can add the missing CVE entry to data/DLA/list manually and you
>also
>have to mark CVE-2016-3948 as fixed by DLA-478-1 like that {DLA-478-1}.
>
>Markus

Thanks. I will manually add. 
-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.

Reply to:

References:
- CVE ID missed in DLA, squid3
  - From: Abhijith PA <abhijith@disroot.org>
- Re: CVE ID missed in DLA, squid3
  - From: Markus Koschany <apo@debian.org>

Prev by Date: Re: CVE ID missed in DLA, squid3
Next by Date: Re: CVE ID missed in DLA, squid3
Previous by thread: Re: CVE ID missed in DLA, squid3
Next by thread: Bug#913426: lists.debian.org: DLAs 1532 until 1541 missing from https://lists.debian.org/debian-lts-announce/2018/10/threads.html
Index(es):
- Date
- Thread