Re: Machine-readable form for debian security advisories
On Thursday, 2004-08-12 at 17:25:32 +1000, Joshua Goodall wrote:
> As I understand it, VuXML has a slightly different semantic. It
> expresses that specified binary package versions will have a certain
> vulnerability and implies they should be deinstalled or upgraded to
> some version for which the vulnerability does not exist. The DSA series
> always gives "less than" information and states you must upgrade to the
> version listed.
I have to confess I only use VuXML and have never look at it closely. If
you find VuXML deficient for use with Debian and wish to extend or
change it, it's probably best if you discuss this with the people who
invented it. I can't comment on your statements and diff. So please
leave me out of the discussion. I'm getting enough mail already ;-)
> These nits aside, I can probably use VuXML for my project, even if it
> means extending the DTD. Thanks for pointing it out!
That's something I *can* comment on: Glad you found it useful. So I hope
to see VuXML being used for Debian as well in the future.
| email@example.com | http://www.lupe-christoph.de/ |
| "... putting a mail server on the Internet without filtering is like |
| covering yourself with barbecue sauce and breaking into the Charity |
| Home for Badgers with Rabies. Michael Lucas |