[Secure-testing-team] Re: [Secure-testing-commits] r5803 -
data/CVE
Moritz Muehlenhoff
jmm at inutil.org
Mon May 7 17:51:06 UTC 2007
Florian Weimer wrote:
> * Noah Meyerhans:
>
> > Modified:
> > data/CVE/list
> > Log:
> > DSA-1287-1 fixes ldap-account-manager issues
>
> Is there are particular reason why you edit CVE/list instead of DSA/list?
> Just wondering.
Noah,
there's an easier way to add DSAs: Simply add them to DSA/list and they're
added to CVE list by a script, which performs cross-references. I've converted
the entry in revision 5805 for reference. This has a couple of advantages:
- A canonical list of DSA identifiers (DSA mapping are done with DSA/list
as the unique identifier)
- Changes to affected CVEs/versions only need to be changed in one place
Cheers,
Moritz
More information about the Secure-testing-team
mailing list