Hi Raphael, thanks for your feedback! I got a consistent idea now. On Mittwoch, 25. Februar 2015, Raphael Hertzog wrote: > > - if a CVE is neither fixed in lts/security/(squeeze|wheezy), but the > > version in lts/security differs from squeeze|wheezy, which version+suite > > to display as affected? > The aggregate view should use the latest version available from all the > repositories associated to the release of interest. so it would display: version: $some_version_in_lts release: squeeze which is kinda wrong/inaccurate... But ok, I'll implemented both outputs (full+aggregated) and then we can see if this is a bug or a feature :) cheers, Holger
Attachment:
signature.asc
Description: This is a digitally signed message part.