more (minor) complaints about update notice formating (Re: Fedora Core 2 Update: cups-1.1.20-11.10)

Matthew Miller mattdm at mattdm.org
Thu Jan 20 14:59:09 UTC 2005


On Thu, Jan 20, 2005 at 12:09:41PM +0000, Tim Waugh wrote:
> ---------------------------------------------------------------------
> Fedora Update Notification
> FEDORA-2005-044
> 2005-01-20
> ---------------------------------------------------------------------
[...]
> This package fixes a buffer overflow which may possibly allow attackers
> to execute arbitrary code as the "lp" user.  The Common Vulnerabilities
> and Exposures projects (cve.mitre.org) has assigned the name
> CAN-2005-0064 to this issue.

When there are updates for security problems, it would be very, very helpful
to me if these have the tag "[SECURITY]" at the beginning of the subject.
Like this:

<https://www.redhat.com/archives/fedora-announce-list/2005-January/msg00001.html>

And I think that'd be useful for others as well, especially when browsing
the archives. Here, we use it to automatically file urgent bugs in our own
bugzilla tracking system so we know to push updates to all of our systems as
soon as possible. Non-security updates get less urgency. It's very nice for
a simple script to be able to tell the difference, but, lacking good AI :) I
really depend on the tag from you guys.

Thanks!

-- 
Matthew Miller           mattdm at mattdm.org        <http://www.mattdm.org/>
Boston University Linux      ------>                <http://linux.bu.edu/>




More information about the fedora-list mailing list