[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [SECURITY] [DSA 2134-1] Upcoming changes in advisory format

On Sat, 18 Dec 2010 16:47:47 -0800 Vagrant Cascadian wrote:
> will it include a list of affected binary packages (in addition to source
> packages)? 

Just as a point of reference, you can use the debsecan package (or
the security-tracker site [0]) right now to determine whether various
package versions are affected or not.

A feature that I would like to see is a clear machine-parsable
delineation between CVEs that affect stable vs oldstable vs testing vs
unstable. Right now, manual text has to be written to convey this info,
making it impossible automatically parse the advisory for this.

Best wishes,

[0] http://security-tracker.debian.org

Reply to: