Nico Golde
2007-Oct-02 19:21 UTC
[Secure-testing-team] adding TEMP items to the tracker list
Hi, looking at http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=444982 which seems to be a valid security flaw, how do I add this to the tracker that it will be displayed as TEMP-XXX... item? Kind regards Nico -- Nico Golde - http://ngolde.de - nion at jabber.ccc.de - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20071002/04bbd4c8/attachment.pgp
Florian Weimer
2007-Oct-02 20:01 UTC
[Secure-testing-team] adding TEMP items to the tracker list
* Nico Golde:> looking at > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=444982 > which seems to be a valid security flaw, how do I add this > to the tracker that it will be displayed as TEMP-XXX... > item?Use "CVE-2007-XXXX" and put the description in brackets ("[]").
Micah Anderson
2007-Oct-02 20:47 UTC
[Secure-testing-team] adding TEMP items to the tracker list
* Florian Weimer <fw at deneb.enyo.de> [071002 13:01]:> * Nico Golde: > > > looking at > > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=444982 > > which seems to be a valid security flaw, how do I add this > > to the tracker that it will be displayed as TEMP-XXX... > > item? > > Use "CVE-2007-XXXX" and put the description in brackets ("[]").These TEMP-XXX... entries should really only be used as placeholders while genuine CVE entries are being requested. We have far too many TEMP entries that never turn into CVEs and the original reasoning why they are issues are never logged properly. micah
Nico Golde
2007-Oct-02 22:22 UTC
[Secure-testing-team] adding TEMP items to the tracker list
Hi, * Micah Anderson <micah at riseup.net> [2007-10-03 00:04]:> * Florian Weimer <fw at deneb.enyo.de> [071002 13:01]: > > * Nico Golde: > > > > > looking at > > > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=444982 > > > which seems to be a valid security flaw, how do I add this > > > to the tracker that it will be displayed as TEMP-XXX... > > > item? > > > > Use "CVE-2007-XXXX" and put the description in brackets ("[]"). > > These TEMP-XXX... entries should really only be used as placeholders > while genuine CVE entries are being requested. We have far too many > TEMP entries that never turn into CVEs and the original reasoning why > they are issues are never logged properly.Ok I am going to request a CVE for this then. Kind regards Nico -- Nico Golde - http://ngolde.de - nion at jabber.ccc.de - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20071003/b3bc96b4/attachment.pgp