Package: security-tracker
I've been trying to use the tracker repository more actively for
tracking kernel updates and so far it is going pretty well. One
feature request I have is the ability to mark an issue as
pending. Usually multiple issues are queued up for a kernel DSA, and
its nice to be able to filter out issues that have already been
committed to the kernel repository.
I know I could use NOTEs for this, but I'd prefer to be able to note
this on a per-package basis. Something like the following would work
for my use case:
CVE-2008-2136 (Memory leak in the ipip6_rcv function in net/ipv6/sit.c in the
Linux ...)
- linux-2.6 <unfixed>
- linux-2.6 <unfixed> (pending 2.6.18.dfsg.1-18etch5)
- linux-2.6.24 <unfixed> (pending 2.6.24-6~etchnhalf.3)
NOTE: Upstream commit: 36ca34cc3b8335eb1fe8bd9a1d0a2592980c3f02
Or, maybe it makes more sense to add a new status - e.g. <pending> instead of
<unfixed>;
I don't have enough experience with the tracker to say for sure. (And
I realize that I could write my own tool to cross-reference the
security tracker w/ the kernel repository, but hey - I'm lazy.. and
this might be a good feature for the tracker in general).
--
dann frazier
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
