Magnus Hagander wrote: > Point 2: CVE is pretty much the industry standard for naming > vulnerabilities. This is what people *use*. There's no reason *not* > to provide it as a cross reference. But sure, we shouldn't list only > the ones that have CVE numbers - if there are any that doesn't, they > should be listed as well.
Actually, if there are any that don't have a CVE number, then we should simply ask for one to be assigned. -- Peter Eisentraut http://developer.postgresql.org/~petere/ ---------------------------(end of broadcast)--------------------------- TIP 5: don't forget to increase your free space map settings
