Am 26.08.2011 18:55, schrieb Alex Legler:
> Compared to other distributions, our advisories have been rather detailed with
> lots of manually researched information. I'm not sure if we can keep up this
> very high standard with the limited manpower, but we'll try our best.

I see the point. I think it would be an achievement over the current situation 
(which is: no current GLSAs at all) to send out less detailed GLSAs. Even 
something short as: "$PACKAGE has vulnerabilities, they are fixed in $VERSION, 
for details see $CVE" would be immensely helpful.

Is the any viable way to get it at least to this point? Probably the largest 
part of such a task could be automated. This would lift the burden from the 
security maintainers.

Regards

Christian

-- 
Dipl.-Inf. Christian Kauhaus <>< · kc@... · systems administration
gocept gmbh & co. kg · forsterstraße 29 · 06112 halle (saale) · germany
http://gocept.com · tel +49 345 1229889 11 · fax +49 345 1229889 1
Zope and Plone consulting and development