Re: gdb: Add TODO referencing CVE

To: Leonardo Taccari <leot%NetBSD.org@localhost>, Jason Bacon <bacon%NetBSD.org@localhost>
Subject: Re: gdb: Add TODO referencing CVE
From: Jason Bacon <outpaddling%yahoo.com@localhost>
Date: Sat, 27 Apr 2019 19:21:48 -0500

On 2019-04-17 12:43, Leonardo Taccari wrote:

Hello Jason,

Jason Bacon writes:

[...]
Log Message:
gdb: Add TODO referencing CVE
[...]
+
+https://sourceware.org/bugzilla/show_bug.cgi?id=21600

Isn't it CVE-2017-9778? (if that's the case we have a pkg-vulnerabilities
entry about it and this TODO file can be removed)

Usually we maintain a list of possible vulnerabilities in wip/*/TODO
file in order to integrate them in pkg-vulnerabilities when wip
packages are imported and to make users aware of them.
But for packages already in pkgsrc (non-wip) entries should be in
pkg-vulnerabilities.


Thank you!

I added the TODO to provide a direct link to a clear description of theproblem and to remind myself to see if we can fix the vulnerability andremove gdb from pkg-vulnerabilities on the next commit.


Cheers,

???? JB

References:
- gdb: Add TODO referencing CVE
  - From: Jason Bacon
- Re: gdb: Add TODO referencing CVE
  - From: Leonardo Taccari

Prev by Date: kate: fix typos in DESCR
Next by Date: MesaLib-dfbsd-meson: Update wip/MesaLib-dfbsd-meson to git 2019-04-27
Previous by Thread: Re: gdb: Add TODO referencing CVE
Next by Thread: 389-ds-base: Add reference to CVE-2019-3883
Indexes:

Home | Main Index | Thread Index | Old Index