[Secure-testing-team] Proposed syntax changes for CAN/list /
finalization phase
Moritz Muehlenhoff
jmm at inutil.org
Fri Sep 23 22:09:58 UTC 2005
Florian Weimer wrote:
> > CAN-2005-3011 (texindex in texinfo 4.7 and earlier allows local users to overwrite ...)
> > - texinfo unfixed (bug #328265; low)
>
> Please use some characters which cannot be part of version numbers,
> for example:
>
> - texinfo <unfixed> (bug #328265; low)
>
> Also for not-affected, BTW.
Ok, so it's <unfixed>, <not-affected> and <itp>
> > Please review and let's finalize the format somehow.
>
> Recently, it occurred to me that we have no good way to reference a
> Debian bug which deals with a non-issue as far as we are concerned:
>
> - texinfo <not-affected> (we do not ship this particular shell script)
>
> The usual space for bug references is taken by the free-form text.
> For uniformity, I'd rather put this text into a NOTE: und go with the
> standard syntax for bug references.
I see the point, but I think that for the majority of the issues we'll
not open a bug report (e.g. because it's obvious that they are specific
to another distribution at the first glance. So let's implement
not-affected like above and add your proposed fix from below.
> Apart from that, it probably makes sense to allow Debian bug numbers
> in the { ... } cross-references (for issues which do not have package
> notes, but still reference Debian bugs).
Which would be ideal to solve the deficiency you mentioned above. So
the { } cross-references may refer to DTSA-foo DSA-foo or "bug #foo".
Cheers,
Moritz
More information about the Secure-testing-team
mailing list