On Feb/12, Brian May wrote: > > - imagemagick in squeeze appears to only be vulnerable > > TEMP-0811308-B63DA1[0]. > > This is five separate issues. See #811308. So does it make sense to ask > for a separate CVE for each issue?
"Having a CVE associated to each security issue is definitely a plus, at the very least for those issues serious enough to be fixed via a DSA/DLA" stills stands :) Cheers, --Seb
