[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

proposal: track CAN ids in changelogs

[sorry for crossposting, but this is relevant to both ML, please cc]

while searching bugtraq for not-yet-fixed security bugs, I found out that there
is no reliable way (apart from testing yourself) if a package has been patched
for a specific security advisory.
It would be fine to include as best practice for maintainers fixing security
bugs to include something (Fixes: <CAN-ID-or-something>) in the changelog so it
is easy to track such changes.


Attachment: signature.asc
Description: Digital signature

Reply to: