* John Helmert III schrieb am 10.11.22 um 14:19 Uhr: > On Thu, Nov 10, 2022 at 02:10:09PM +1000, Marc Schiffbauer wrote: > > * Sam James schrieb am 10.11.22 um 13:58 Uhr: > > > > > > I think we'd rename impact -> description but description would now > > > be "description of the problem" and not "description of the package". > > > > > > +1, but additionally having the short description of the package sounds > > still useful to me, as not always everybody knows what any package is > > exactly for and the description will help a lot in telling the > > impact/danger of your own infra that might be caused by that package. > > > > -Marc > > Are you saying you rely on the background field, which is generally > just the package's DESCRIPTION? Maybe glsa-check should just spit out > the package's DESCRIPTION then too.
Sometimes the GLSA-Mails will be send to some team mailbox for example, and a teammember has to decide how urgent an update may be. Having a little description for the software mentioned in the GLSA is helpful then.
signature.asc
Description: PGP signature
