[Git][security-tracker-team/security-tracker][master] new file to track some open issues around auto-nfu

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
249478e8 by Moritz Muehlenhoff at 2025-05-13T23:24:34+02:00
new file to track some open issues around auto-nfu

- - - - -


1 changed file:

- + org/auto-nfu-TODO.txt


Changes:

=====================================
org/auto-nfu-TODO.txt
=====================================
@@ -0,0 +1,14 @@
+This file tracks a few open bugs/enhancements with the auto-nfu handling.
+
+---
+There are a few CVE entries which apply to muliple products at once (usually for a common codebase).
+One example for this is CVE-2025-29954, which applies to multiple Windows versions. The product-based matching using
+
+    - anyOf:
+      - product: foo
+
+doesn't work for these CVEs. Instead if a CVE applies to multiple products and at least one of then matches, it
+should apply.
+---
+
+



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/249478e869d711fd6c4e418944e3b74bcc716828

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/249478e869d711fd6c4e418944e3b74bcc716828
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250513/487abb58/attachment.htm>