I've added NVD cross references to the bug tracker. This means that we can (in theory) use NVD's classification to filter bug reports. For an example, go to
<http://idssi.enyo.de/tracker/status/release/stable> and click on "Hide local vulnerabilities". Unfortunately, I disagree with quite a few of NVD's classifications, but they seem to err on the safe side, so to speak. And, by the way, the tracker should be reasonably accurate for sarge because I use a custom DSA/list file with proper fixed version information. _______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/secure-testing-team
