Hi,
I went through the several discussions and attempts that happened over
the past few years: we have several similar problems, typically:
- tagging CVEs for renamed packages in Debian
- tagging CVEs for renamed packages in Debian LTS or ELTS
- tagging CVEs for related package sets
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-2749-1debian-...@lists.debian.org
https://www.debian.org/lts/security/Thorsten Alteholz
August 29, 2021
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Thu, 26 Aug 2021 21:03:02 +0200
Source: gthumb
Binary: gthumb gthumb-data gthumb-dev
Architecture: source all amd64
Version: 3:3.4.4.1-5+deb9u2
Distribution: stretch-security
Urgency: medium
Maintainer: Herbert Parentes Fortes Neto
Hi Sylvain,
I have spent some time looking over your code and trying out the tool.
Overall, the code looks good, easy to understand, and useful in
functionality.
On Sat, Aug 28, 2021 at 08:30:56PM +0200, Sylvain Beucler wrote:
>
> Here are a few use cases:
>
> # Report CVE entries that may