[Secure-testing-team] restructuring embedded code copies
Moritz Muehlenhoff
jmm at inutil.org
Thu Dec 27 17:59:09 UTC 2007
Nico Golde wrote:
> I started restructuring the embedded code copies file
> because it has become very chaotic over the time and I think
> it can be well structured using a similar format as in the
> CVE list.
>
> I converted the xpdf entry to the new format:
> http://lists.alioth.debian.org/pipermail/secure-testing-commits/2007-December/008048.html
>
> The format I used for now is:
> <srcpkg> (<optional comment about srcpkg>)
> - <embedding srcpkg> <status> (<sort>; bug #<number>)
> NOTE: optional comments about the linkage of the embedding srcpkg
>
> status: version number fixing the embedded copy, <unfixed> or <unknown> if the version number can not be determined
> sort: static/dynamic
>
> Improvements are welcome, what do you think about this format, what could be better?
The format should differentiate between <static> (linking statically against a lib)
and <embed> (embedding a copy of the library into another source package).
Other than that it appears fine.
Cheers,
Moritz
More information about the Secure-testing-team
mailing list