[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#603934: packages.debian.org: CVE links in changelogs should point to security-tracker.debian.org

On Fri, Nov 19, 2010 at 01:40:21PM +0100, Gerfried Fuchs wrote:
>  ... replying to myself:
> 
> * Gerfried Fuchs <rhonda@deb.at> [2010-11-19 13:37:12 CET]:
> > * Jakub Wilk <jwilk@debian.org> [2010-11-18 17:05:40 CET]:
> > > CVE links in changelogs[0] point currently to  
> > > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-XXXX-XXXX
> > >
> > > It would be nice if they pointed to  
> > > http://security-tracker.debian.org/CVE-XXXX-XXXX
> > 
> >  Is this fine with the security team? I'm not sure wether the additional
> > load for the tracker code would be working of if you'd rather not have
> > it pointing there.
> 
>  I guess the same question could be raised with respect to in the DSAs
> on the website. I'm not that convinced anymore that it is that well of
> an idea to have the links in one part pointing to mitre and in a
> different one to the security-tracker, so the decision should be done
> for both.

I don't think this poses a problem load-wise.

Cheers,
        Moritz
Reply to: