On Fri, Feb 20, 2015 at 12:40 AM, John Goerzen wrote: > Right now, the security tracker has, apparently, three status for each > version of Debian: > > not vulnerable > vulnerable > fixed > > What if we add a fourth: > > not worth fixing > > This could more clearly communicate what is being said by the "no DSA" > comments, as well as allow debsecan to be improved with this sort of > information. What do you think?
"no DSA" means "will probably not be fixed via security.debian.org" or "will only be fixed via a point release by the maintainer or anyone who cares", not "not worth fixing". -- bye, pabs https://wiki.debian.org/PaulWise -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: https://lists.debian.org/CAKTje6EiKdMV=kzwaqwxcr2qvpaz8_lwy-dnepgsjx6l1vu...@mail.gmail.com
