Bug#482577: pending notation

To: submit@bugs.debian.org
Subject: Bug#482577: pending notation
From: dann frazier <dannf@debian.org>
Date: Fri, 23 May 2008 11:50:33 -0600
Message-id: <[🔎] 20080523175033.GH32742@colo.lackof.org>
Reply-to: dann frazier <dannf@debian.org>, 482577@bugs.debian.org

Package: security-tracker

I've been trying to use the tracker repository more actively for
tracking kernel updates and so far it is going pretty well. One
feature request I have is the ability to mark an issue as
pending. Usually multiple issues are queued up for a kernel DSA, and
its nice to be able to filter out issues that have already been
committed to the kernel repository.

I know I could use NOTEs for this, but I'd prefer to be able to note
this on a per-package basis. Something like the following would work
for my use case:

 CVE-2008-2136 (Memory leak in the ipip6_rcv function in net/ipv6/sit.c in the Linux ...)
	- linux-2.6 <unfixed>
	- linux-2.6 <unfixed> (pending 2.6.18.dfsg.1-18etch5)
	- linux-2.6.24 <unfixed> (pending 2.6.24-6~etchnhalf.3)
	NOTE: Upstream commit: 36ca34cc3b8335eb1fe8bd9a1d0a2592980c3f02

Or, maybe it makes more sense to add a new status - e.g. <pending> instead of <unfixed>;
I don't have enough experience with the tracker to say for sure. (And
I realize that I could write my own tool to cross-reference the
security tracker w/ the kernel repository, but hey - I'm lazy.. and
this might be a good feature for the tracker in general).

-- 
dann frazier

Reply to:

Follow-Ups:
- Re: Bug#482577: pending notation
  - From: Nico Golde <nion@debian.org>

Prev by Date: Re: Missing Urgencies in Tracker
Next by Date: Linux kernel CVEs vs tracker
Previous by thread: Re: Missing Urgencies in Tracker
Next by thread: Re: Bug#482577: pending notation
Index(es):
- Date
- Thread