El 16/02/25 a las 21:15, Marco d'Itri escribió: > On Feb 14, Colin Watson <cjwat...@debian.org> wrote: > > > But it doesn't. Santiago's using the data from the security tracker to > > determine whether CVEs are open. > And in the case of one of my own packages these CVEs have not yet been > fixed upstream, not even in an unreleased branch.
Yes, and those are examples of the "false positive" cases I was referring to originally. I am not aware of any way to automatically filter them, as of today.
signature.asc
Description: PGP signature
