Hi, * Michael S. Gilbert <michael.s.gilb...@gmail.com> [2009-04-17 09:59]: > On Thu, 16 Apr 2009 19:36:04 +0200 Thijs Kinkhorst wrote: > > On tongersdei 16 April 2009, Michael S. Gilbert wrote: > > > was it desirable to remove the DSA tags from the temporarily named > > > clamav issues in this commit? > > > > Desirable perhaps not, but it is how the current implementation works: > > data/DSA/list is used as the canonical list of DSA's that have been > > released, > > and these are mapped to their data/CVE/list counterparts. Because these > > issues have no CVE names assigned yet, we have nothing to cross reference > > them from data/DSA/list. > > > > I'm not sure how a better implementation would look like, since I would > > like > > to keep the feature that data/DSA/list lists the DSA's, and that removing > > CVE > > from a listing in that file will have it removed from data/CVE/list > > automatically. > > wouldn't it just be a matter of (python pseudocode): > > if cve_number.endswith( 'XXXX' ): > no DSA stripping logic > else: > DSA stripping logic
Just use the distribution tags in the CVE list file as you need to add the CVE id anyway when you got one and then just remove the distribution tags and add the ids to the DSA list. This should be a lot cleaner. Cheers Nico -- Nico Golde - http://www.ngolde.de - n...@jabber.ccc.de - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.
pgpdFlL9yN79k.pgp
Description: PGP signature
_______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
