Re: pluxml issues are questionable, request for advice
On Wed, Dec 16, 2020 at 07:36:19AM +0100, Ola Lundqvist wrote:
> Hi LTS team
> I have checked two of the pluxml issues
> This vulnerability is questioned upstream.
> The question is how this should be marked:
> - no-dsa minor issue?
> - ignored?
"not a vulnerability" or "no security impact" is usually marked
"unimportant", see e.g.
For pluxml the same CVEs are "vulnerable" in stable+unstable and with RC
bug #973382 open, the security team should know best how to handle this
based on your analysis.
> Best regards
> // Ola