Hello people, As many of you are probably aware, CVE has changed the naming of their id's: the temporary "CAN-" prefix has been dropped and an id is now always of the form CVE-yyyy-nnnn. More information at the CVE website.
I was wondering what to do with changelogs. I think it might make sense to rename CAN-... numbers in old entries to CVE-..., since all entries have been renamed and this aids to the goal: having one unique string to find any vulnerability by. Are there any thoughts on changing changelogs retroactively? Might it even be an idea to add a lintian check for 'old-style' CAN id's? regards, Thijs Kinkhorst
signature.asc
Description: This is a digitally signed message part