Re: Should Debian ask for a CPE when a CVE in Debian is found?

To: Holger Levsen <holger@layer-acht.org>, debian-security@lists.debian.org, "Wheeler, David A" <dwheeler@ida.org>
Subject: Re: Should Debian ask for a CPE when a CVE in Debian is found?
From: Elmar Stellnberger <estellnb@gmail.com>
Date: Mon, 15 Feb 2016 10:32:16 +0100
Message-id: <[🔎] 56C19B20.2090304@gmail.com>
In-reply-to: <[🔎] 201602151002.27187.holger@layer-acht.org>
References: <[🔎] 9F8E44BC27E22046B84EC1B9364C66A1B31E3FC9F1@EXCH07-4850.ida.org> <[🔎] CAKTje6HYaZsEiW3iS+pwCae_JpwYwevhMxnTqcmD_HKsQftJZA@mail.gmail.com> <[🔎] 201602151002.27187.holger@layer-acht.org>

Am 2016-02-15 um 10:02 schrieb Holger Levsen:

If debian-security@lists.debian.org should not be used to discuss security
topics related to Debian (with and without the security team) this should be
clarified, though I doubt this is the case.

Why not? I believe we had some fruitful discussion/comments byindividuals on this list in the past. If not what other list would yousuggest? Would there really be any sense in splitting security relateddiscussions among three lists? I believe there is not.

Reply to:

Follow-Ups:
- Re: Should Debian ask for a CPE when a CVE in Debian is found?
  - From: "georg@riseup.net" <georg@riseup.net>

References:
- Should Debian ask for a CPE when a CVE in Debian is found?
  - From: "Wheeler, David A" <dwheeler@ida.org>
- Re: Should Debian ask for a CPE when a CVE in Debian is found?
  - From: Paul Wise <pabs@debian.org>
- Re: Should Debian ask for a CPE when a CVE in Debian is found?
  - From: Holger Levsen <holger@layer-acht.org>

Prev by Date: Re: Should Debian ask for a CPE when a CVE in Debian is found?
Next by Date: Re: Should Debian ask for a CPE when a CVE in Debian is found?
Previous by thread: Re: Should Debian ask for a CPE when a CVE in Debian is found?
Next by thread: Re: Should Debian ask for a CPE when a CVE in Debian is found?
Index(es):
- Date
- Thread