Re: Dealing with renamed source packages during CVE triaging

2018-06-13 Thread Brian May
Brian May writes:
> In any case, possibly better to leave feedback on the pull request:

s/pull request/issue/

Sorry for any confusion.
--
Brian May

Re: Dealing with renamed source packages during CVE triaging

2018-06-13 Thread Brian May
Antoine Beaupré writes:
> https://salsa.debian.org/security-tracker-team/security-tracker/merge_requests/4
>
> Comments are welcome there or here.

Current comments on merge request, copied and pasted here, as I think relevant for the discussion here:

Moritz Muehlenhoff @jmm commented 4 days

External check

2018-06-13 Thread Security Tracker
CVE-2016-10621: TODO: check
CVE-2016-10624: TODO: check
CVE-2017-16005: TODO: check
CVE-2017-16021: TODO: check
CVE-2017-16023: TODO: check
CVE-2017-16026: TODO: check
CVE-2017-16030: TODO: check
CVE-2017-16118: TODO: check
CVE-2017-16119: TODO: check
CVE-2017-16129: TODO: check
CVE-2018-1103:

Re: Dealing with renamed source packages during CVE triaging

2018-06-13 Thread Brian May
Moritz Muehlenhoff writes:
> On Tue, Jun 12, 2018 at 05:40:34PM +1000, Brian May wrote:
>> 1. Tagging with / instead of .
>
> Nothing of those can be automated. The basic point of is that
> we lack data to make a proper assessment.
>
> The correct way to handle these is to triage
>

Re: Dealing with renamed source packages during CVE triaging

2018-06-13 Thread Moritz Muehlenhoff
On Wed, Jun 13, 2018 at 05:19:40PM +1000, Brian May wrote:
> "as I said in the mailing list discussion, I don't like the usage of the
> undetermined tag... we use it to hide stuff we can't investigate under
> the carpet, I would much prefer that we put it as directly
> when it's the case, or