* Santiago Ruano Rincón <santiag...@riseup.net> [250213 20:21]: > Here attached you can find a list of packages that have ever had a > security issue **and** whose packaged version is not "up to date", > according to the uscan results. It is sorted by the number of currently > open CVEs in sid (the first "column"), and by the number of security > issues ever (second "column"). > > So, this is a call for comments: is this kind of package list useful?
Just having the list does not add anything new. All software can have security bugs, so this list devolves to "packages that are not uptodate wrt to upstream". ddpo already has my list of packages that I should be updating. Chris
