Hi Debian Security and LTS teams I have written a tool that checks the CVE database for conditions where triaging consideration(s) should be re-considered.
The two caes I have in the tool so far are: - Fixed in previous release but no-dsa, postponed or ignored in current release. - Postponed in previous and next release, but no-dsa in current. It is easy to extend the tool with more cases. You can find the tool here: https://salsa.debian.org/security-tracker-team/security-tracker/-/merge_requests/193 The default release to check is the LTS release but you can provide the release name as an option to the tool and it will then check for that instead. The reason for this is that the primary use is for LTS triaging, but I wrote this tool to be useful also for the stable release triaging work as well. There are no checks for whether previous and next release works so you can not really use it to check "sid" and "potato". I guess it is not the most important use-case so I have skipped that. The output is identical to lts-cve-triage.py and the proposal is to call it from lts-cve-triage.py as well. I have made an option to allow this step to be excluded. More information available in: https://salsa.debian.org/security-tracker-team/security-tracker/-/issues/31 and https://salsa.debian.org/lts-team/lts-extra-tasks/-/issues/69 Comments are welcome. Cheers // Ola -- --- Inguza Technology AB --- MSc in Information Technology ---- | o...@inguza.com o...@debian.org | | http://inguza.com/ Mobile: +46 (0)70-332 1551 | ---------------------------------------------------------------
