From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id B58F4158020 for ; Thu, 10 Nov 2022 04:10:36 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 73F32E0928; Thu, 10 Nov 2022 04:10:33 +0000 (UTC) Received: from mx10.schiffbauer.net (mx10.schiffbauer.net [IPv6:2a01:4f8:222:30c7::2]) (using TLSv1.2 with cipher ECDHE-RSA-CHACHA20-POLY1305 (256/256 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 2BE64E0922 for ; Thu, 10 Nov 2022 04:10:33 +0000 (UTC) Received: from [206.83.114.33] (port=56664 helo=bart) by mx10.schiffbauer.net with esmtpsa (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.89) (envelope-from ) id 1osytb-0008Ro-DR for gentoo-dev@lists.gentoo.org; Thu, 10 Nov 2022 05:10:31 +0100 Date: Thu, 10 Nov 2022 14:10:09 +1000 From: Marc Schiffbauer To: gentoo-dev@lists.gentoo.org Subject: Re: [gentoo-dev] [RFC] A new GLSA schema Message-ID: <20221110041009.ntkmlsrfi6au4r2o@schiffbauer.net> Mail-Followup-To: gentoo-dev@lists.gentoo.org References: <2D2DD2C1-019D-4305-A3C1-AAC867D28F50@gentoo.org> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="k6th4ifxlkina4aw" Content-Disposition: inline In-Reply-To: <2D2DD2C1-019D-4305-A3C1-AAC867D28F50@gentoo.org> X-Virus-Scanned: by ClamAV (http://www.clamav.org) X-Archives-Salt: 5bcd4c66-0fd6-4f82-ab83-fa9070c55b20 X-Archives-Hash: b2a97a8bf9096b96e2a39fe6354d3a86 --k6th4ifxlkina4aw Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable * Sam James schrieb am 10.11.22 um 13:58 Uhr: >=20 > I think we'd rename impact -> description but description would now > be "description of the problem" and not "description of the package". +1, but additionally having the short description of the package sounds=20 still useful to me, as not always everybody knows what any package is=20 exactly for and the description will help a lot in telling the=20 impact/danger of your own infra that might be caused by that package. -Marc --k6th4ifxlkina4aw Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEMQyApFXSKKmBt8XxODfGO0Yy7b8FAmNseaEACgkQODfGO0Yy 7b+XUxAAt3JtMrGQR7ymPraKnqarZ16GqojBhP+gsfoIxXUEsS5R4f/YHrSNByUG oGGlCfrnqdAkSj8tucijvtkRc3JtyEMBf2zNhsF9LKJ/h+BJ3IHn6L87mkefIQ/T 36YePJlelsk1GP/aXb4iKt7rAFe0lh05kM3hcrLrHPuhmk4sLudbV+JblYYbfUL9 q6VMEbbrXVsJekB30tTxcbnudWOgzF8KRLRwD3aOhzEf7nnGOVUlfFPFaewjfMA7 /XkEn1P7wwWZmYoDjEYoiP/O4LFjadZhR+WM4S2mahPiUQF4Y6NfHNBe5yyAnJRK GdfjbwLOTF0zayQ7sRiQg7ELCxJcCPf6Sc5cBRLEjTOkx13NOopWLKuBzhbOUQKn pNM9GbEd2fyfDI4dBJe9XliQXkFAiGw5ZI+IWWKPuscet8odiHEqovZDotgpIaBH HTALjcut1cUGZwwVzeTnpJuT4Fzr3ijslRE1jWPpEV/xJSKQngPIWDHF5RaWjRaG fFWbJNEtwN6wvm/LqIo8siqW0xdo0oy2YBrERZu+tw7rStYvJV8GJvXedRqS5kBd 7D9aunTo1ycUyhL3GreZmsrAp0017Q2IRJZSC4xJfYBQtIA5B0trfhfRA0Lfnhlz Y26CNNgnofqlqXyXg1iOrIMjR2P9UOEUbqgG3/8t9Kkqa+dsh/E= =94t4 -----END PGP SIGNATURE----- --k6th4ifxlkina4aw--