| 1 |
-----BEGIN PGP SIGNED MESSAGE----- |
| 2 |
Hash: SHA1 |
| 3 |
|
| 4 |
On 01/09/2014 10:42 AM, Alex Legler wrote: |
| 5 |
> On 09.01.2014 01:08, Chris Reffett wrote: |
| 6 |
>> On 01/07/2014 08:42 PM, Tobias Heinlein wrote: |
| 7 |
>>> On 08.01.2014 02:40, Tobias Heinlein wrote: |
| 8 |
>>>> Our new approach works more like a whitelist; |
| 9 |
>> |
| 10 |
>>> "more like a blacklist", that is. |
| 11 |
>> |
| 12 |
>> |
| 13 |
>> I kind of would like the workaround field to remain (but perhaps |
| 14 |
>> be optional) since I have seen a few vulns that actually did |
| 15 |
>> have functional workarounds. Not absolutely necessary. |
| 16 |
>> |
| 17 |
> |
| 18 |
> Does it need to have its own field, can't it be part of the |
| 19 |
> (temporary) resolution? |
| 20 |
> |
| 21 |
>> Chris Reffett |
| 22 |
>> |
| 23 |
> |
| 24 |
I guess it would work as part of the resolution, perhaps we could have |
| 25 |
a template for "A temporary fix for this issue is also available: ..." |
| 26 |
for that. Didn't think of that. |
| 27 |
-----BEGIN PGP SIGNATURE----- |
| 28 |
Version: GnuPG v2.0.22 (GNU/Linux) |
| 29 |
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ |
| 30 |
|
| 31 |
iKYEARECAGYFAlLOw+RfFIAAAAAALgAoaXNzdWVyLWZwckBub3RhdGlvbnMub3Bl |
| 32 |
bnBncC5maWZ0aGhvcnNlbWFuLm5ldEM2NzU5RjUyMDczREJDQkVDQTBDRkE1NERC |
| 33 |
Nzk1QThBNDI2MTgzNTQACgkQ23laikJhg1SKEgCeLuRlJxXSQFNDpVH23uXlrBEQ |
| 34 |
tFcAnRLbKzzL5KSWHpfu4LX0SxJA0jWA |
| 35 |
=92Vy |
| 36 |
-----END PGP SIGNATURE----- |
Archives