Date: Thu, 18 Oct 2012 22:35:31 +0200 From: Moritz Muehlenhoff <jmm@...ian.org> To: oss-security@...ts.openwall.com Subject: Re: CVE-2012-2248: isc-dhcp, Debian-specific: build path included in PATH Hi Kurt, Issues only affecting testing/unstable should always be assigned a CVE ID nonetheless. The Debian ecosystem is much more than stable alone: There is a great deal of derivative distributions , which import packages from Debian testing/unstable and having a CVE ID is a convenient way to track whether they are affected.  http://wiki.debian.org/Derivatives/Census Cheers, Moritz
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.