On Wed, 2004-05-12 at 11:32 +0200, Leonard den Ottolander wrote:
Hi Mark,
Over the last few days we've been doing some checking of FC1 and FC2 security issues.
Thanks for the update, but instead of using only CAN numbers it would be more clear to most when you'd also name the involved packages.
Leonard.
Perhaps simply a suggestion of where people should find more information. The purpose of CAN numbers is to clearly, unambiguously, identify issues... so people won't have to explain each issue -- they could indirectly involve numerous packages...
The initial email was from a 'compulsive reader of security lists' so it was fair to assume he knew this.
For CAN-2004-0113 for instance... http://www.cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CAN-2004-0113