[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Don't use temporary identifiers from the Security Tracker in advisories

Wrt https://lists.debian.org/debian-lts-announce/2018/12/msg00000.html

The internal IDs from the tracker _not_ meant for external publication,
this will only lead to stupid chain reactions where external parties
pick them up and then they perpetuate.

Either simply write "no CVE allocated" or rather do the right thing
and request an ID via https://cveform.mitre.org


Reply to: