Hi, On Samstag, 13. Februar 2016, Paul Wise wrote: > On Sat, Feb 13, 2016 at 2:51 AM, Wheeler, David A wrote: > > Should Debian's security team ask for a Common Platform Enumeration (CPE) > > id when a related CVE is found/reported fixed? > > The debian-security list is a general Debian security discussion list > rather than a contact point for the Debian security team. yeah, exactly, that's why I suggested David to discuss this on this list. > If you wish > to contact the Debian security team, please use security@debian.org. That is not an address suited for public discussion (it aint public and there is no public archive), so your suggestion aint much helpful here. Debian usually works in the open, as I understand it security@debian.org is for telling stuff to the Security team which aint open yet. If debian-security@lists.debian.org should not be used to discuss security topics related to Debian (with and without the security team) this should be clarified, though I doubt this is the case. Now if only someone could reply to the original question at hand! ;-) cheers, Holger
Attachment:
signature.asc
Description: This is a digitally signed message part.