Re: show DTSAs as fixed even without CVE ids
On Wed, Jan 16, 2008 at 12:12:56AM +0100, Nico Golde wrote:
> in the case of vlc it does show up in the tracker as unfixed
> because the CVE ids in the CVE list are not marked with a
> DTSA tag because the ids are missing from DTSA/list.
> Any way to workaround this?
> I tried naming them with CVE-2007-YXXX CVE-2007XYXX and so
> on but the pre-commit hook doesn't like this.
The only workaround I can see is adding [lenny] entries to
CVE-2007-XXXX [vlc arbitrary file overwrite vulnerability via crafted m3u playlists]
- vlc 0.8.6.c-4.1 (medium; bug #458318)
[lenny] - vlc 0.8.6.c-4.1~lenny1