On Fri, Feb 20, 2015 at 12:40 AM, John Goerzen wrote: > Right now, the security tracker has, apparently, three status for each > version of Debian: > > not vulnerable > vulnerable > fixed > > What if we add a fourth: > > not worth fixing > > This could more clearly communicate what is being said by the "no DSA" > comments, as well as allow debsecan to be improved with this sort of > information. What do you think?
"no DSA" means "will probably not be fixed via security.debian.org" or "will only be fixed via a point release by the maintainer or anyone who cares", not "not worth fixing". -- bye, pabs https://wiki.debian.org/PaulWise -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/CAKTje6EiKdMV=kzwaqwxcr2qvpaz8_lwy-dnepgsjx6l1vu...@mail.gmail.com
