On 04.04.20 23:14, Alfred M. Szmidt wrote: > Sorry, lost the ball on this -- stuff. > > I've pushed the entries for the ChangeLog, I suggest that Mats-Erik > amends them accordingly if he feels they could be improved. > > Which patch went with which CVE?
Thanks, my question in a prior email was this: "Regarding mentioning a "CVE tag": Who is going to retrieve a CVE number ? Or has it been done already ?" IMO, the fixed bugs were so obvious for years (gcc even warns about them when building), that I wouldn't care about s CVEs. Some downstream managers might want to have a CVE as it helps their organization - and they are free to do so. Regards, Tim
signature.asc
Description: OpenPGP digital signature
