On Sat, Aug 28, 2021 at 08:30:56PM +0200, Sylvain Beucler wrote:
> Here are a few use cases:
> ...
> # Also report CVE entries that may have been missed for newly branched packages in Debian (e.g. the golang-1.xx set)
> $ bin/related-cves.py --transitions data/renamed-packages --report --two-way

This produced much more output, much of which I am not sure would be
especially useful. Perhaps the security team, dealing with oldstable
through unstable, might benefit from it, though. The year threshold you
mentioned seems to be useful here, if I understand it correctly.

It appears that if the data/CVE/list split is implemented, this
would be another tool that requires updating to deal with the new
architecture. I wonder if it makes sense to proceed with implementing a
"list of filenames" that the script operates upon for each parameter
(e.g., CVE, DSA, DLA, etc.) in order to be ready for the coming change.