From: Martin H. <mar...@si...> - 2016-03-14 09:40:05
|
Dear Rene, > Forwarded that to your security team and they pointed me to > https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/ > > But that lists mnore/different CVEs? What about that? > > And: Why could this be mentioned there and not here when people ask about > what the exact issues are? I mean, CVEs are nice, but infos like > this are needed to write the advisory without you or the advisory > writer looking bad. Probably because that was the first I heard of it. I have a correspondence list between CVEs and commit hashes should anyone want it offline. > That said, we got a DSA now yesterday finally: > https://www.debian.org/security/2016/dsa-3515DSA This page didn't come up for me. Yours, Martin |