Moritz Muehlenhoff wrote:
> 6. For syntactical clarity cross references in {} should only be allowed
> directly
> after the CVE line.
Agreed for CVEs (also already enforced by updatelist IIRC), but for
DSAs, see DSA-573-1 of an example of a DSA that was complex enough in
what it affected that it made sense to list the CVE references
separately:
[21 Oct 2004] DSA-573-1 cupsys - integer overflows
{CAN-2004-0888}
- cupsys 1.1.20final+rc1-10
{CAN-2004-0889}
- xpdf 3.00-10
NOTE: kpdf and kfax are fixed in sarge, bug #278173 and #280373 for
reference
- kpdf 4:3.3.1-1
- gpdf 2.8.0-1
- kfax 4:3.3.1-1
--
see shy jo
signature.asc
Description: Digital signature
_______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/secure-testing-team
