unsubscribe
unsubscribe
Re: CAN to CVE: changing changelogs?
On Wed, Oct 26, 2005 at 11:32:15AM +0200, Thijs Kinkhorst wrote: > Hello people, > > As many of you are probably aware, CVE has changed the naming of their > id's: the temporary "CAN-" prefix has been dropped and an id is now > always of the form CVE--. More information at the CVE website. > > I was wondering what to do with changelogs. I think it might make sense > to rename CAN-... numbers in old entries to CVE-..., since all entries > have been renamed and this aids to the goal: having one unique string to > find any vulnerability by. > > Are there any thoughts on changing changelogs retroactively? Might it > even be an idea to add a lintian check for 'old-style' CAN id's? I believe that changelogs should never be changed restrospectively. -- Horms -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: CAN to CVE: changing changelogs?
Thijs Kinkhorst wrote: > Wouldn't one of the goals of the change to just one name instead of two > per issue be to facilitate things like googling, grepping and other > searching on CVE id's? Then it would make sense to unify the names as > widely as possibe. It's not worth worrying about doing, unless you previously worried about doing it on a per-CAN basis, as CANs were one at a time promoted to CVEs. -- see shy jo signature.asc Description: Digital signature
Re: CAN to CVE: changing changelogs?
In article <[EMAIL PROTECTED]> you wrote: > Wouldn't one of the goals of the change to just one name instead of two > per issue be to facilitate things like googling, grepping and other > searching on CVE id's? Then it would make sense to unify the names as > widely as possibe. Those issues are old, and the work to look up the new ids and change them is quite big. Gruss Bernd -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: CAN to CVE: changing changelogs?
* Thijs Kinkhorst: >> You could change them retroactively (with a little note that you did so), >> but it's not strictly necessary, as MITRE will continue to provide referrals >> from CAN-based entries to CVE-based entries. > > Wouldn't one of the goals of the change to just one name instead of two > per issue be to facilitate things like googling, grepping and other > searching on CVE id's? It's Google's job to improve their search engine, not ours. > Then it would make sense to unify the names as widely as possibe. You can't be sure that everybody makes the change, so you still have to search for both variants anyway. I don't think it makes sense to apply the conversion to anything which is not som sort of CVE-based database. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: CAN to CVE: changing changelogs?
On Wed, 2005-10-26 at 12:36 +0200, Moritz Muehlenhoff wrote: > > Are there any thoughts on changing changelogs retroactively? Might it > > even be an idea to add a lintian check for 'old-style' CAN id's? > > You could change them retroactively (with a little note that you did so), > but it's not strictly necessary, as MITRE will continue to provide referrals > from CAN-based entries to CVE-based entries. Wouldn't one of the goals of the change to just one name instead of two per issue be to facilitate things like googling, grepping and other searching on CVE id's? Then it would make sense to unify the names as widely as possibe. Thijs signature.asc Description: This is a digitally signed message part
Re: CAN to CVE: changing changelogs?
In gmane.linux.debian.devel.security, you wrote: > As many of you are probably aware, CVE has changed the naming of their > id's: the temporary "CAN-" prefix has been dropped and an id is now > always of the form CVE--. More information at the CVE website. > > I was wondering what to do with changelogs. I think it might make sense > to rename CAN-... numbers in old entries to CVE-..., since all entries > have been renamed and this aids to the goal: having one unique string to > find any vulnerability by. > > Are there any thoughts on changing changelogs retroactively? Might it > even be an idea to add a lintian check for 'old-style' CAN id's? You could change them retroactively (with a little note that you did so), but it's not strictly necessary, as MITRE will continue to provide referrals from CAN-based entries to CVE-based entries. Cheers, Moritz -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: CAN to CVE: changing changelogs?
On Wed, Oct 26, 2005 at 11:32:15AM +0200, Thijs Kinkhorst wrote: I was wondering what to do with changelogs. I think it might make sense to rename CAN-... numbers in old entries to CVE-..., since all entries have been renamed and this aids to the goal: having one unique string to find any vulnerability by. No. People aren't that stupid, I'm sure they can figure it out. Mike Stone -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
CAN to CVE: changing changelogs?
Hello people, As many of you are probably aware, CVE has changed the naming of their id's: the temporary "CAN-" prefix has been dropped and an id is now always of the form CVE--. More information at the CVE website. I was wondering what to do with changelogs. I think it might make sense to rename CAN-... numbers in old entries to CVE-..., since all entries have been renamed and this aids to the goal: having one unique string to find any vulnerability by. Are there any thoughts on changing changelogs retroactively? Might it even be an idea to add a lintian check for 'old-style' CAN id's? regards, Thijs Kinkhorst signature.asc Description: This is a digitally signed message part