Re: [SECURITY] [DSA 2134-1] Upcoming changes in advisory format

To: debian-security@lists.debian.org
Subject: Re: [SECURITY] [DSA 2134-1] Upcoming changes in advisory format
From: Michael Gilbert <michael.s.gilbert@gmail.com>
Date: Sun, 19 Dec 2010 12:42:37 -0500
Message-id: <[🔎] 20101219124237.f23b4698.michael.s.gilbert@gmail.com>
In-reply-to: <[🔎] 20101219004747.GP17410@talon.fglan>
References: <20101218120807.GA2987@galadriel.inutil.org> <[🔎] 20101219004747.GP17410@talon.fglan>

On Sat, 18 Dec 2010 16:47:47 -0800 Vagrant Cascadian wrote:
> will it include a list of affected binary packages (in addition to source
> packages)? 

Just as a point of reference, you can use the debsecan package (or
the security-tracker site [0]) right now to determine whether various
package versions are affected or not.

A feature that I would like to see is a clear machine-parsable
delineation between CVEs that affect stable vs oldstable vs testing vs
unstable. Right now, manual text has to be written to convey this info,
making it impossible automatically parse the advisory for this.

Best wishes,
Mike

[0] http://security-tracker.debian.org

Reply to:

References:
- Re: [SECURITY] [DSA 2134-1] Upcoming changes in advisory format
  - From: Vagrant Cascadian <vagrant@freegeek.org>

Prev by Date: Re: [SECURITY] [DSA 2134-1] Upcoming changes in advisory format
Next by Date: Re: [SECURITY] [DSA 2134-1] Upcoming changes in advisory format
Previous by thread: Re: [SECURITY] [DSA 2134-1] Upcoming changes in advisory format
Next by thread: Missing DSA for xpdf update?
Index(es):
- Date
- Thread