Hi Roberto See below.
On Fri, 12 Apr 2024 at 00:14, Roberto C. Sánchez <robe...@debian.org> wrote: > On Thu, Apr 11, 2024 at 10:23:13PM +0200, Ola Lundqvist wrote: > > I hope you do not mind me asking but there is one thing that I would > > like to check. > > > > When I look at this CVE that was previously postponed: > > https://security-tracker.debian.org/tracker/CVE-2019-12214 > > > > The information tells that the vulnerability my in fact not be in > > freeimage at all. > > For this I think "undetermined" tag is typically used instead of postponed. > > Should I change? > > > I would recommend against changing it. *We* think that it may not be an > issue in freeimage, but that is based on Hugo's speculation. I don't > think "undetermined" is meant to be used in this case. Thank you. I get your point. I thought that was "not-affected" when we are sure it is not affected. I thought undetermined was just that, we have not been able to determine. Cheers // Ola ... -- --- Inguza Technology AB --- MSc in Information Technology ---- | o...@inguza.com o...@debian.org | | http://inguza.com/ Mobile: +46 (0)70-332 1551 | ---------------------------------------------------------------
