Accepted konversation 0.15.1-0ubuntu1 (source)

Sivan Green sivan at piware.de
Mon Jan 24 15:03:07 CST 2005


On 06:37, Thu 20 Jan 05, Fabio Massimo Di Nitto wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Jonathan Riddell wrote:
> 
> |    * SECURITY UPDATE: Fixes multiple security vulnerabilities
> 
> Hi Jonathan,
> 
> when there are security updates, it would be ideal if you can add the
> CVE references to the changelog. It will save a lot of time to you
> in the future to track what has been fixed and when, and the users
> will know as well. You can check an example on how we usually do for
> the kernel:
> 

Fabbione couldn't be more right! I recall when I did
security review before the warty release, changlog entries
which included the CVE were very easy to track and decided
upon where as those that didn't took much more time to
figure out...

Sivan



More information about the ubuntu-devel mailing list