On 11/30/21 3:02 PM, Salvatore Bonaccorso wrote:
Control: tags -1 + security Control: notfound -1 4.0
Hi Salvatore, Thank you for your reply.
Thank you. It's usually not necessary to fill bugs for CVEs for src:linux, we are already tracking them and are aware. > In the
Sorry for the noise.
particular case you can look up CVE-2013-7445 and it's unlikely that it will be addressed. Furthermore CVEs for linux are specifically tracked in the kernel-team as well.
What about the other CVEs in the unreported list? (https://security-tracker.debian.org/tracker/status/unreported) Is it worthwhile to try to get them reported? Or is this a low priority because they've already been triaged?
Thanks again, Jeremiah