[Secure-testing-team] Re: [Secure-testing-commits] r5450 - data/CVE

Florian Weimer fw at deneb.enyo.de
Sun Feb 18 17:52:08 UTC 2007


* Stefan Fritsch:

> On Wednesday 14 February 2007 06:42, Florian Weimer wrote:
>> If we want to preserve the ability to track by binary package name
>> for simple cases, I have to add a way to mark a non-existing
>> package as a source package.  I plan to parse
>> data/packages/removed-packages for this purpose.

Turns out that this was already implemented.

> Maybe it would be enough to treat any package with at least one
> <removed> entry as source package?

Yeah, when I added removed-packages, we didn't have <removed>
annotations.  I've added processing of the <removed> tags (and removed
the code for removed-packages).  There's still a corner cases where
we'd need a separate removed-packages file, but I don't think we will
run into it in the forseeable future.



More information about the Secure-testing-team mailing list