> I suggest it might be better if exploits were each given a quick/approximate > "ranking" in terms of severity (and if the severity is unknown it could be > assigned a default median ranking), so that the algorithm you mention wouldn't > just add number of unplugged exploits, but add them by weight
That is a good idea. The Common Vulnerability Scoring System was invented for this purpose: http://en.wikipedia.org/wiki/CVSS Kind regards, Richard -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/7f6371fd-0ee0-4f36-8f36-7736f65e7...@vdberg.org
