Re: [xml] Are CVE git tags still used?

[林自均 <johnlinp gmail com>]

Hi Daniel,

Do you mean that you don't have the CVE list? I thought the information on Bugzilla would be sufficient?

Best,

John Lin

Daniel Veillard <veillard redhat com> 於 2017年9月5日 週二 下午4:31寫道：

On Tue, Sep 05, 2017 at 08:25:16AM +0000, 林自均 wrote:
> Hi Daniel,
>
> I saw 2.9.5 was released. Can you kindly tag those CVE in git? Thanks!
>
> Best,
> John Lin

  The problem is that I don't have a list doing the mapping,
only few informations in commit logs,

Daniel

> 林自均 <johnlinp gmail com> 於 2017年7月28日 週五 下午9:54寫道：
>
> > Hi Daniel,
> >
> > Thanks for the reply! Looking forward to your tags.
> >
> > Best,
> > John Lin
> >
> > Daniel Veillard <veillard redhat com> 於 2017年7月27日 週四 下午2:11寫道：
> >
> >> On Mon, Jul 10, 2017 at 02:08:15AM +0000, 林自均 wrote:
> >> > Hi folks,
> >> >
> >> > I am considering to apply some CVE patches from the upstream. For
> >> example,
> >> > there is a patch "c1d1f712" for CVE-2016-4658 described on the Red Hat
> >> > bugzilla page:
> >> https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-4658
> >> >
> >> > However, I don't see the CVE git tag for the commit ("c1d1f712") in the
> >> > upstream git tree. I used to see those tags before the release 2.9.4 and
> >> > they are really helpful.
> >> >
> >> > Should I expect to see those tags again in the future? Thanks!
> >> >
> >> > Best,
> >> > John Lin
> >>
> >>   yes I need to walk though the list and retag them in git,
> >>
> >> Daniel
> >>
> >> --
> >> Daniel Veillard      | Red Hat Developers Tools
> >> http://developer.redhat.com/
> >> veillard redhat com  | libxml Gnome XML XSLT toolkit  http://xmlsoft.org/
> >> http://veillard.com/ | virtualization library  http://libvirt.org/
> >>
> >

--
Daniel Veillard      | Red Hat Developers Tools http://developer.redhat.com/
veillard redhat com  | libxml Gnome XML XSLT toolkit  http://xmlsoft.org/
http://veillard.com/ | virtualization library  http://libvirt.org/