On Mon, 05 May 2008 18:47:05 +0200 Moritz Muehlenhoff wrote: [...] > http://idssi.enyo.de/tracker/status/release/stable lists all no-dsa issues by default, > which is confusing for users. Why should this be confusing for users? As a user, I want to be aware of all known vulnerabilities that are actually present in the stable (or testing, or unstable) suite of Debian. Even of those for which no DSA is planned. Hence, I think that http://security-tracker.debian.net/tracker/status/release/stable *should* by default show all vulnerabilities, including no-DSA ones. In other words, I am personally happy with the current behavior: suite-overview pages show all vulnerabilities by default, but a link is provided for hiding no-DSA ones. > They can still be displayed through the link. This is of paramount importance, IMHO. There should be a URL that shows *all* known vulnerabilities for a given suite (stable, testing, unstable, ...), including no-DSA ones. As I said above, I think this URL should be the default (option-less) one. -- On some search engines, searching for my nickname AND "nano-documents" may lead you to my website... ..................................................... Francesco Poli . GnuPG key fpr == C979 F34B 27CE 5CD8 DC12 31B5 78F4 279B DD6D FCF4
Attachment:
pgpDQHdMLEvJ7.pgp
Description: PGP signature