> I suggest it might be better if exploits were each given a quick/approximate > "ranking" in terms of severity (and if the severity is unknown it could be > assigned a default median ranking), so that the algorithm you mention wouldn't > just add number of unplugged exploits, but add them by weight
That is a good idea. The Common Vulnerability Scoring System was invented for this purpose: http://en.wikipedia.org/wiki/CVSS Kind regards, Richard -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: https://lists.debian.org/[email protected]
