[Secure-testing-commits] r11628 - data/CVE
Nico Golde
debian-secure-testing+ml at ngolde.de
Fri Apr 17 09:26:29 UTC 2009
Hi,
* Michael S. Gilbert <michael.s.gilbert at gmail.com> [2009-04-17 09:59]:
> On Thu, 16 Apr 2009 19:36:04 +0200 Thijs Kinkhorst wrote:
> > On tongersdei 16 April 2009, Michael S. Gilbert wrote:
> > > was it desirable to remove the DSA tags from the temporarily named
> > > clamav issues in this commit?
> >
> > Desirable perhaps not, but it is how the current implementation works:
> > data/DSA/list is used as the canonical list of DSA's that have been released,
> > and these are mapped to their data/CVE/list counterparts. Because these
> > issues have no CVE names assigned yet, we have nothing to cross reference
> > them from data/DSA/list.
> >
> > I'm not sure how a better implementation would look like, since I would like
> > to keep the feature that data/DSA/list lists the DSA's, and that removing CVE
> > from a listing in that file will have it removed from data/CVE/list
> > automatically.
>
> wouldn't it just be a matter of (python pseudocode):
>
> if cve_number.endswith( 'XXXX' ):
> no DSA stripping logic
> else:
> DSA stripping logic
Just use the distribution tags in the CVE list file as you
need to add the CVE id anyway when you got one and then just
remove the distribution tags and add the ids to the DSA
list. This should be a lot cleaner.
Cheers
Nico
--
Nico Golde - http://www.ngolde.de - nion at jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20090417/4f72f92e/attachment.pgp>
More information about the Secure-testing-commits
mailing list