Bug#508031: Tracking vulnerabilities that have already been patched in other distributions

To: "Nico Golde" <nion@debian.org>, 508031@bugs.debian.org
Cc: "Michael Gilbert" <michael.s.gilbert@gmail.com>
Subject: Bug#508031: Tracking vulnerabilities that have already been patched in other distributions
From: "Richard Hartmann" <richih.mailinglist@gmail.com>
Date: Mon, 8 Dec 2008 09:48:48 +0100
Message-id: <[🔎] 2d460de70812080048y79d63910qebed472f3e229e21@mail.gmail.com>
Reply-to: "Richard Hartmann" <richih.mailinglist@gmail.com>, 508031@bugs.debian.org
In-reply-to: <[🔎] 20081208083214.GI6996@ngolde.de>
References: <[🔎] 8e2a98be0812062040i10bab143wff3424c325591bca@mail.gmail.com> <[🔎] 20081207142111.GB6996@ngolde.de> <[🔎] 2d460de70812070710h8fbf4eay87e676c8b6b625d0@mail.gmail.com> <[🔎] 878wqsf1lb.fsf@mid.deneb.enyo.de> <[🔎] 8e2a98be0812071707w59668e6ao9649ce2dcf2902b7@mail.gmail.com> <[🔎] 20081208083214.GI6996@ngolde.de>

On Mon, Dec 8, 2008 at 09:32, Nico Golde <nion@debian.org> wrote:

> I think your imagination of the process is way to easy,
> it's more than reading and directly editing the tracker, the
> same process like the one for new CVE ids apply, checking if
> the package is in Debian, if not checking if there is an itp
> or if it's NFU,

Can be done with a script of a few lines (unless the whole
thing has been renamed).

> check other packages embedding this source
> code,

Should be do-able with a few more lines, but will probably
need manual verification.

> check other packages having similar code...

Needs manual verification & work.

Yet, none of these speak against a pointer of the fix already
being available once the above steps have been finished. And
that is what Michael is offering.
It will certainly not make every issue disappear magically. But
it may help in quite a few cases.

Richard

Reply to:

Follow-Ups:
- Bug#508031: Tracking vulnerabilities that have already been patched in other distributions
  - From: Nico Golde <nion@debian.org>

References:
- Bug#508031: Tracking vulnerabilities that have already been patched in other distributions
  - From: "Michael Gilbert" <michael.s.gilbert@gmail.com>
- Bug#508031: Tracking vulnerabilities that have already been patched in other distributions
  - From: Nico Golde <nion@debian.org>
- Bug#508031: Tracking vulnerabilities that have already been patched in other distributions
  - From: "Richard Hartmann" <richih.mailinglist@gmail.com>
- Bug#508031: Tracking vulnerabilities that have already been patched in other distributions
  - From: Florian Weimer <fw@deneb.enyo.de>
- Bug#508031: Tracking vulnerabilities that have already been patched in other distributions
  - From: "Michael Gilbert" <michael.s.gilbert@gmail.com>
- Bug#508031: Tracking vulnerabilities that have already been patched in other distributions
  - From: Nico Golde <nion@debian.org>

Prev by Date: Bug#508031: Tracking vulnerabilities that have already been patched in other distributions
Next by Date: Bug#508031: Tracking vulnerabilities that have already been patched in other distributions
Previous by thread: Bug#508031: Tracking vulnerabilities that have already been patched in other distributions
Next by thread: Bug#508031: Tracking vulnerabilities that have already been patched in other distributions
Index(es):
- Date
- Thread