Bug#603934: packages.debian.org: CVE links in changelogs should point to security-tracker.debian.org
On Fri, Nov 19, 2010 at 01:40:21PM +0100, Gerfried Fuchs wrote:
> ... replying to myself:
>
> * Gerfried Fuchs <rhonda@deb.at> [2010-11-19 13:37:12 CET]:
> > * Jakub Wilk <jwilk@debian.org> [2010-11-18 17:05:40 CET]:
> > > CVE links in changelogs[0] point currently to
> > > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-XXXX-XXXX
> > >
> > > It would be nice if they pointed to
> > > http://security-tracker.debian.org/CVE-XXXX-XXXX
> >
> > Is this fine with the security team? I'm not sure wether the additional
> > load for the tracker code would be working of if you'd rather not have
> > it pointing there.
>
> I guess the same question could be raised with respect to in the DSAs
> on the website. I'm not that convinced anymore that it is that well of
> an idea to have the links in one part pointing to mitre and in a
> different one to the security-tracker, so the decision should be done
> for both.
I don't think this poses a problem load-wise.
Cheers,
Moritz
Reply to: