1 |
On 08.01.2014 02:14, Alex Legler wrote: |
2 |
> Reads as follows: |
3 |
> On hppa, there is no fixed version. |
4 |
> On all other arches, python in slot 3.2 is fixed in >=3.2.9, affected |
5 |
> for anything less, in the 3.3 slot, [3.3.0; 3.3.1[ and [3.3.3; 3.3.5[ |
6 |
> are affected, for the 0 slot, anything <6.3 is affected. |
7 |
|
8 |
I fear this less commonly used interval notation may not be known to |
9 |
some people. See [1] for an explanation. |
10 |
|
11 |
Further notes on that: |
12 |
|
13 |
- If no slot attribute is given, it defaults to slot 0 (same as |
14 |
Portage). |
15 |
- Our existing (old) scheme employs a whitelist approach: We usually |
16 |
only have one <vulnerable> entry and then list the <unaffected> versions |
17 |
explicitly. Our new approach works more like a whitelist; if an entry |
18 |
without the asof attribute (and possibly without a slot attribute) is |
19 |
given, we sort of get the old behaviour. |
20 |
|
21 |
> - Human-readable texts reworked: Background + Description + Resolution |
22 |
> instead of (Synopsis) + Background + Description + Impact + Resolution. |
23 |
|
24 |
The workaround field is also gone now. We never used it anyway, and it's |
25 |
just another human-readable field that could as well be merged with the |
26 |
resolution field. |
27 |
|
28 |
|
29 |
[1] http://en.wikipedia.org/wiki/Interval_(mathematics) |