On Wednesday, 20 March 2019 at 00:48, Carl Eugen Hoyos wrote: > 2019-03-19 23:28 GMT+01:00, Dominik 'Rathann' Mierzejewski > <domi...@greysector.net>: > > > Were the CVE IDs not known at the time these were pushed to master? > > No, how would this be possible?
Easy: you can request the ID at https://cveform.mitre.org/ before pushing the commits. > > Not having them in the commit log made it more difficult to find them. > > I thought the CVE's themselves contains the commits, no? They do, but looking at the commits only I wouldn't know there were CVE IDs associated with them, so the relation is one-way only. I would feel better if the commit log said a CVE ID was being fixed. Regards, Dominik -- Fedora https://getfedora.org | RPM Fusion http://rpmfusion.org There should be a science of discontent. People need hard times and oppression to develop psychic muscles. -- from "Collected Sayings of Muad'Dib" by the Princess Irulan _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
