| 1 |
On 08.01.2014 02:14, Alex Legler wrote: |
| 2 |
> Reads as follows: |
| 3 |
> On hppa, there is no fixed version. |
| 4 |
> On all other arches, python in slot 3.2 is fixed in >=3.2.9, affected |
| 5 |
> for anything less, in the 3.3 slot, [3.3.0; 3.3.1[ and [3.3.3; 3.3.5[ |
| 6 |
> are affected, for the 0 slot, anything <6.3 is affected. |
| 7 |
|
| 8 |
I fear this less commonly used interval notation may not be known to |
| 9 |
some people. See [1] for an explanation. |
| 10 |
|
| 11 |
Further notes on that: |
| 12 |
|
| 13 |
- If no slot attribute is given, it defaults to slot 0 (same as |
| 14 |
Portage). |
| 15 |
- Our existing (old) scheme employs a whitelist approach: We usually |
| 16 |
only have one <vulnerable> entry and then list the <unaffected> versions |
| 17 |
explicitly. Our new approach works more like a whitelist; if an entry |
| 18 |
without the asof attribute (and possibly without a slot attribute) is |
| 19 |
given, we sort of get the old behaviour. |
| 20 |
|
| 21 |
> - Human-readable texts reworked: Background + Description + Resolution |
| 22 |
> instead of (Synopsis) + Background + Description + Impact + Resolution. |
| 23 |
|
| 24 |
The workaround field is also gone now. We never used it anyway, and it's |
| 25 |
just another human-readable field that could as well be merged with the |
| 26 |
resolution field. |
| 27 |
|
| 28 |
|
| 29 |
[1] http://en.wikipedia.org/wiki/Interval_(mathematics) |
Archives