On Wed, Aug 09, 2017 at 07:11:16AM -0400, Roberto C. Sánchez wrote:
> > * license of CVE text is unclear -> Moritz rewrites from scratch
> > - generic description of the issue instead of details of functions
> >
> Is it still OK to use verbatim text from a DSA in a DLA? It seems like
> that should be OK, and it is something I do sometimes, as the DSAs are
> frequently published first and I feel like sharing the same summary text
> regarding a particular vulnerability keeps everything consistent.
Definitely, feel free to do that. My concern was only about the CVE
descriptions published at mitre.org
Cheers,
Moritz
