[Michael Gilbert] > Is this the best way to do this? Would it be better for this info > to be declared in package control files so it can be automatically > aggregated when changes happen? Otherwise, this file is bound to > get outdated.
As I said on debian-devel@, I suspect adding it to debian/control in each package is a good idea, but saw no point in waiting for that to happen before testing the idea of comparing NVD and the Debian CVE list. When the file is outdated, we can hopefully generate it from the control files in the archive. :) Happy hacking, -- Petter Reinholdtsen _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
