On Tue, 2005-02-01 at 09:50 -0500, Jeff Spaleta wrote:
On Tue, 1 Feb 2005 09:28:45 +0000 (GMT), Mark J Cox
<mjc(a)redhat.com> wrote:
> What would be incredibly useful is to move (to being a Provides) the CVE
> names for issues that we're including a backported fix for. Where we've
> moved to an upstream version that contains fixes those CVE names are less
> important as they can be deduced by a simple NV check.
I look forward to building pathological packages that have a requires
on a CVE name provides.
fedora-secure-system
could require all the CVE's that are ciritical to be fixed
yum update fedora-secure-system
would then only pull security updates down....