Your message dated Thu, 3 Feb 2022 11:07:06 +0000 with message-id <20220203110706.1404efb1@felix.codehelp> and subject line Merged has caused the Debian Bug report #1001453, regarding security-tracker: extend support for bug reporting to update the CVE list with the bug number to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 1001453: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1001453 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: security-tracker: extend support for bug reporting to update the CVE list with the bug number
- From: Neil Williams <codehelp@debian.org>
- Date: Fri, 10 Dec 2021 10:56:25 +0000
- Message-id: <163913378559.129743.15981572026706783938.reportbug@felix.codehelp>
Package: security-tracker Severity: wishlist X-Debbugs-Cc: codehelp@debian.org Adding this as a wishlist bug, arising from existing ideas and discussions with the security team. 'bin/report-vuln' is useful to standardise reports to the BTS but there is then a manual step of updating data/CVE/list with the bug number. A tool to automate a syntactically correct change to a specific CVE would be a useful extension of this support, not just to add the bug number once the email is received from the BTS but to also make other standard changes: - mark CVE <ID> as fixed in unstable in version <VERSION> - mark a given released suite (stable/oldstable/LTS) as <not-affected> for a specific CVE ID - add a bug number to an existing CVE entry - add a NOTE: entry to an existing CVE Implement with a view that the requests could be integrated into tracker.d.o so that a merge request can be generated against the security tracker or a syntactically valid snippet can be generated that can be merged into the tracker after review. The parsing support would be similar to existing scripts and tools and to the support proposed for #1001451 - this tool is focused on changes to a specific CVE.
--- End Message ---
--- Begin Message ---
- To: 1001451-done@bugs.debian.org, 1001453-done@bugs.debian.org
- Subject: Merged
- From: Neil Williams <codehelp@debian.org>
- Date: Thu, 3 Feb 2022 11:07:06 +0000
- Message-id: <20220203110706.1404efb1@felix.codehelp>
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/38fc7543c6e8fc4a2d15540fd63b837218361e8f Incremental work will continue from here for feature requests and to run tests on the bin/ and lib/ scripts (on branches or possibly on schedules). -- Neil Williams ============= https://linux.codehelp.co.uk/Attachment: pgpe6Iji7xvg2.pgp
Description: OpenPGP digital signature
--- End Message ---