On Thu, Nov 15, 2007 at 04:23:17PM +1100, William Grant wrote: > > On Thu, 2007-11-15 at 18:13 +1300, Matthew Paul Thomas wrote: > > On Nov 13, 2007, at 11:05 PM, William Grant wrote: > > > ... > > > Malone has its (apparently very unfinished) CVE tracking abilities, but > > > there's no way to triage CVEs, for example. It would be nice to be able > > > to exclude RESERVED CVEs from the list, and have an easy `not for us' > > > button if they are for software not included in any Ubuntu release. The > > > list is currently simply too massive to do anything useful with. > > > ... > > > > Please report bugs about specific deficiencies, otherwise we'll forget > > about them. (I can't do it myself because I'm not familiar with CVEs.) > > I'll identify some specific ones and file them, but I note that there > are open CVE feature request bugs from bradb that were filed in 2005/08, > so I won't be holding my breath. If you produce a shortlist of items that are worth fixing in the shorter term, it is possible we can find some time to work on them. Once we have security handling in Soyuz itself (which Julian is working hard on finishing at this point) tying in CVE annotation is a more concrete reality. -- Christian Robottom Reis | http://async.com.br/~kiko/ | [+55 16] 3376 0125
This is the launchpad-users mailing list archive — see also the general help for Launchpad.net mailing lists.
(Formatted by MHonArc.)