[Secure-testing-commits] r17045 - data/CVE
Johnathan Ritzi
jrdioko at gmail.com
Sat Jul 30 21:05:23 UTC 2011
Finding the main product name seems fairly straightforward, but it seems
like it would be good to search for a mentioned file as well to make sure
you have the right package, see if the filename shows up in another package,
etc. I'll give setting up a sid chroot another shot.
Thanks,
Johnathan
2011/7/30 Moritz Mühlenhoff <jmm at inutil.org>
> On Fri, Jul 29, 2011 at 03:17:53PM -0700, Johnathan Ritzi wrote:
> > That's exactly what I was doing, I thought I was going to get away
> without
> > building a sid system (or at least a chroot), but I guess I was wrong :)
> >
> > So it looks like the package description search finds binary or source
> > packages, while the package contents only searches binary ones. I'll go
> look
> > again and figure out how all this works.
>
> Searching for the package name in the description should work out as well:
> CVE-2011-0024 mentions Wireshark, CVE-2010-4665 mentions libtiff, etc.
>
> Cheers,
> Moritz
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20110730/6d0f3241/attachment.html>
More information about the Secure-testing-commits
mailing list