Package: lintian
Version: 2.5.31
Severity: wishlist
In #785254, Salvatore Bonaccorso wrote:
On Wed, May 13, 2015 at 10:53:22PM +0200, Daniel Stender wrote:
+ * add fix-insecure-use-of-tmp-when-calling-c44.diff, fix
+ of security issue TEMP-0784889-495CCA, see #784888 (closed
+ in Sid by 0.4-1).
Do not use these temporary items since they can change over time (e.g.
when a CVE is assigned they do not exist anymore, or even if we change
some metadata in the security-tracker. So I suggest to just write an
expalanation what the issue is, or -- if a CVE is assigned -- include
the CVE id.
DCS finds a few cases where such a temporary identifier was used in a
changelog:
https://codesearch.debian.net/search?q=\bTEMP-[0-9]%2B-[0-9A-F]%2B\b+path%3Achangelog
It would be nice if Lintian could catch such mistakes.
--
Jakub Wilk
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
Archive: https://lists.debian.org/[email protected]
