[Secure-testing-team] Vulnerabilities not affecting Debian: reporting proposal
Stefan Fritsch
sf at sfritsch.de
Wed Jul 11 17:10:15 UTC 2007
Hi,
Alexander Konovalenko wrote:
> I couldn't find any existing solutions to the problem described
> above. The testing security team does publish some of the
> information in their Secure-testing-commits, but it lacks more
> verbose explanations and is more of a tool for team members than a
> source of information intended for the general public like Debian
> Security Advisories.
do you know the web interface to these svn commits at
http://security-tracker.debian.net/tracker ? If you already have the
CVE id, you can easily get all the information there. The
explanations for not-affected could be more verbose sometimes, but I
think in general they are sufficient.
There is no feed for this information, but if you want to be
up-to-date about the packages you use, you should look at the
debsecan package (though that does not give you information about
non-issues).
Cheers,
Stefan
More information about the Secure-testing-team
mailing list