On 2016-12-01 10:34:20, Raphael Hertzog wrote:
> On Tue, 29 Nov 2016, Antoine Beaupré wrote:
>> I wonder if we should standardize something about this.
>>
>> I usually name security patches with the following scheme:
>> debian/patches/CVE-XXXX-YYYY(-commithash)?.patch
>
> I use CVE-XXXX-YYYY(-patchnumber)?.patch as some issues require multiple
> patches to be fixed. But I do not embed the commit hash, it's already
> present in the meta-data and does not provide anything useful.
True. It also breaks down if you have to modify the patch, which is
often. I guess it's the framework I used in charybdis to factor in
upstream patches that did *not* require modification.. :)
a.
--
Government is the Entertainment division of the military-industrial
complex.
- Frank Zappa
