On Fri, 14 Feb 2025 17:12:48 +0000, Colin Watson <cjwat...@debian.org> wrote: >On Fri, Feb 14, 2025 at 03:28:35PM +0100, Marc Haber wrote: >> Especially if the list just goes the (wrong) way of so many commercial >> security tools and/or consultants who just compare version numbers and >> flag our stable versions as vulnerable regardless whether we have >> patched vulnerabilities or not. > >But it doesn't. Santiago's using the data from the security tracker to >determine whether CVEs are open.
Good. Don't we have debsecan for that? Or the security tracker itself? Greetings Marc -- ---------------------------------------------------------------------------- Marc Haber | " Questions are the | Mailadresse im Header Rhein-Neckar, DE | Beginning of Wisdom " | Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fon: *49 6224 1600402
