On Wed, Sep 25, 2019 at 03:14:26PM -0000, Viliam Križan wrote:
Hello Kevin,
Sorry for late reply (I did not got it into my mailbox).
No worries.
Yep.
Also:
https://pagure.io/releng/issue/7793
If that is that what you had in mind, then that depends on reading
the security trackers (bugs with SecurityTracking keyword). Those bugs have the required
information to process them, where severity maps to the impact of a vulnerability.
Product Security will stop using the whiteboard field at all on CVE bugs. However, there
will be means to retrieve the impact information from the bug's severity. Product
Security will keep creating bugs for affected components in Fedora.
ok. I guess when we have someone implementing the above they can look
further into it.
Thanks for the info.
kevin