On 2016-12-01 10:34:20, Raphael Hertzog wrote: > On Tue, 29 Nov 2016, Antoine Beaupré wrote: >> I wonder if we should standardize something about this. >> >> I usually name security patches with the following scheme: >> debian/patches/CVE-XXXX-YYYY(-commithash)?.patch > > I use CVE-XXXX-YYYY(-patchnumber)?.patch as some issues require multiple > patches to be fixed. But I do not embed the commit hash, it's already > present in the meta-data and does not provide anything useful.
True. It also breaks down if you have to modify the patch, which is often. I guess it's the framework I used in charybdis to factor in upstream patches that did *not* require modification.. :) a. -- Government is the Entertainment division of the military-industrial complex. - Frank Zappa