Re: tracking security issues without CVEs

To: Brian May <brian@linuxpenguins.xyz>
Cc: debian-lts@lists.debian.org, debian-security@lists.debian.org, debian-security-tracker@lists.debian.org
Subject: Re: tracking security issues without CVEs
From: Paul Wise <pabs@debian.org>
Date: Fri, 11 Mar 2016 08:24:26 +0800
Message-id: <[🔎] CAKTje6E6K9yFvJpZctueQo1qdZGE4rtdgJyD9046CUkNtBL8fA@mail.gmail.com>
In-reply-to: <[🔎] 20160310194957.GB3172@pisco.westfalen.local>
References: <[🔎] 87h9gkdy43.fsf@prune.linuxpenguins.xyz> <[🔎] 20160306155943.GA19777@eldamar.local> <[🔎] 20160306175848.GA32100@eldamar.local> <[🔎] 20160310194957.GB3172@pisco.westfalen.local>

On Fri, Mar 11, 2016 at 3:49 AM, Moritz Mühlenhoff wrote:
> On Sun, Mar 06, 2016 at 06:58:48PM +0100, Salvatore Bonaccorso wrote:
>
>> But I think as well that is right now to early to
>> start adopting these for not yet assigned issues.
>
> Agreed, let's stick with the usual "file a bug to get a temporary
> identifier" procedure for now.

I wonder if the TEMP URLs should redirect to the bug report URL when
there is a bug available?

BTW, there was an LWN article about the alternatives to CVEs:

http://lwn.net/SubscriberLink/679315/a38e2baa9ceaf953/

-- 
bye,
pabs

https://wiki.debian.org/PaulWise

Reply to:

References:
- tracking security issues without CVEs
  - From: Brian May <brian@linuxpenguins.xyz>
- Re: tracking security issues without CVEs
  - From: Salvatore Bonaccorso <carnil@debian.org>
- Re: tracking security issues without CVEs
  - From: Salvatore Bonaccorso <carnil@debian.org>
- Re: tracking security issues without CVEs
  - From: Moritz Mühlenhoff <jmm@inutil.org>

Prev by Date: Re: tracking security issues without CVEs
Next by Date: Re: tracking security issues without CVEs
Previous by thread: Re: tracking security issues without CVEs
Next by thread: Re: tracking security issues without CVEs
Index(es):
- Date
- Thread