Author: luciano
Date: 2014-01-26 15:56:14 +0000 (Sun, 26 Jan 2014)
New Revision: 25370
Modified:
doc/narrative_introduction
Log:
On TODO: check
Modified: doc/narrative_introduction
===================================================================
--- doc/narrative_introduction 2014-01-26 14:37:28 UTC (rev 25369)
+++ doc/narrative_introduction 2014-01-26 15:56:14 UTC (rev 25370)
@@ -391,6 +391,15 @@
allows remote ...)
TODO: check, whether fastjar from the gcc source packages is affected
+If you are not sure about some decision (e.g. which package is affected) or
+classification (e.g. bug severity) you can leave a TODO note for reviewing,
+explaining which aspect have to be reviewed. For example:
+
+CVE-2013-7295 (Tor before 0.2.4.20, when OpenSSL 1.x is used in ...)
+ - tor 0.2.4.20-1 (low)
+ [wheezy] - tor <no-dsa> (Minor issue)
+ TODO: review, severity. The exploitation scenario is too complicated.
+
It is also useful to add information to issues as you find it, so that
when others go to look at an issue and want to know why you marked it
as you did, or need a reference, it will be there. The more
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
