Hi Florian, * Florian Weimer <fw@deneb.enyo.de> [2008-06-16 09:53]: > * Florian Weimer: > > >> If I add cupsys to the removed-packages file is an > >> additional <removed> tag in CVE/list still needed? > > > > Yes, otherwise the issue is not marked as unfixed for etch et al. > > There seems to have been a misunderstanding: It is not necessary (and > even wrong) to change the version numbers on historic entries. You only > should use <removed> for new vulnerabilities. Aaaaah true, my bad. I'll fix this when I back home again. Cheers Nico -- Nico Golde - http://www.ngolde.de - nion@jabber.ccc.de - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.
Attachment:
pgpaYUhWnuFzp.pgp
Description: PGP signature