[Secure-testing-team] [Secure-testing-commits] r12531 - data/CVE
Michael S. Gilbert
michael.s.gilbert at gmail.com
Sun Aug 9 16:34:51 UTC 2009
On Sun, 9 Aug 2009 13:56:23 +0000 Nico Golde wrote:
> Author: nion
> Date: 2009-08-09 13:56:23 +0000 (Sun, 09 Aug 2009)
> New Revision: 12531
>
> Modified:
> data/CVE/list
> Log:
> add todos for new items, please do that as well next time
>
> Modified: data/CVE/list
> ===================================================================
> --- data/CVE/list 2009-08-09 13:55:11 UTC (rev 12530)
> +++ data/CVE/list 2009-08-09 13:56:23 UTC (rev 12531)
> @@ -4,11 +4,13 @@
> - rubygems <not-affected>
> NOTE: debian's version installs gems packages to /var/lib/gems,
> NOTE: so no opportunity to overwrite system files
> + TODO: request CVE id
ok, is a mail to oss-sec like yours sufficient? also, i thought there
were going to be some workflow changes where the security team could
autonomously assign a CVE from a pool allocated to debian. are there
any formal plans for that? or would that only be done along with a DSA?
mike
More information about the Secure-testing-team
mailing list