Bug#603934: marked as done (packages.debian.org: CVE links in changelogs should point to security-tracker.debian.org)

[Debian Bug Tracking System]

Your message dated Fri, 17 Dec 2010 14:31:14 +0100
with message-id <20101217133114.ga8...@anguilla.debian.or.at>
and subject line Re: Bug#603934: packages.debian.org: CVE links in changelogs 
should point to security-tracker.debian.org
has caused the Debian Bug report #603934,
regarding packages.debian.org: CVE links in changelogs should point to 
security-tracker.debian.org
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
603934: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=603934
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Package: www.debian.org
Severity: wishlist

CVE links in changelogs[0] point currently to http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-XXXX-XXXX

It would be nice if they pointed to http://security-tracker.debian.org/CVE-XXXX-XXXX

[0] See e.g.
http://packages.debian.org/changelogs/pool/main/o/openssl/current/changelog

--
Jakub Wilk

--- End Message ---

--- Begin Message ---

        Hi!

* Moritz Muehlenhoff <j...@inutil.org> [2010-11-20 10:28:05 CET]:
> On Fri, Nov 19, 2010 at 01:40:21PM +0100, Gerfried Fuchs wrote:
> > * Gerfried Fuchs <rho...@deb.at> [2010-11-19 13:37:12 CET]:
> > > * Jakub Wilk <jw...@debian.org> [2010-11-18 17:05:40 CET]:
> > > > CVE links in changelogs[0] point currently to  
> > > > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-XXXX-XXXX
> > > >
> > > > It would be nice if they pointed to  
> > > > http://security-tracker.debian.org/CVE-XXXX-XXXX
> > > 
> > >  Is this fine with the security team? I'm not sure wether the additional
> > > load for the tracker code would be working of if you'd rather not have
> > > it pointing there.
> > 
> >  I guess the same question could be raised with respect to in the DSAs
> > on the website. I'm not that convinced anymore that it is that well of
> > an idea to have the links in one part pointing to mitre and in a
> > different one to the security-tracker, so the decision should be done
> > for both.
> 
> I don't think this poses a problem load-wise.

 Alright, done for now for the changelogs, the website will follow.
Rhonda
-- 
<dholbach> Last day of https://wiki.ubuntu.com/UbuntuDeveloperWeek starting in
           34 minutes in #ubuntu-classroom on irc.feenode.net
 * ScottK hands dholbach an "r".
<Rhonda> Are they fundraising again?

--- End Message ---