On Fri, Feb 14, 2025 at 03:28:35PM +0100, Marc Haber wrote: > Especially if the list just goes the (wrong) way of so many commercial > security tools and/or consultants who just compare version numbers and > flag our stable versions as vulnerable regardless whether we have > patched vulnerabilities or not.
But it doesn't. Santiago's using the data from the security tracker to determine whether CVEs are open. -- Colin Watson (he/him) [cjwat...@debian.org]