Code review comment for ~flor-cabral/ubuntu-cve-tracker:CVE-2021-37146

On Wed, Sep 28, 2022 at 03:19:17PM -0000, Florencia Cabral wrote:
> Add statuses for Xenial (ROS Kinetic) and Bionic (ROS Melodic)
> distros for the ROS ESM supported packages ('ros-kinetic-ros-comm',
> and 'ros-melodic-ros-comm').

Are `ros-melodic-ros-comm` and `ros-kinetic-ros-comm` the actual pacakge
names distributed in ros?

(The reason I ask is that these are breaking the sync process
with the cve web site because there aren't corresponding
upstream_ros-kinetic-ros-comm and upstream_ros-melodic-ros-comm
entries; check-syntax also complains about these missing. I think
this is possibly a bug in our tools but I'm not really thinking very
clearly about it this morning.)

> You are subscribed to branch ubuntu-cve-tracker:master.

> diff --git a/active/CVE-2021-37146 b/active/CVE-2021-37146
> index ab384c4..d12a896 100644
> --- a/active/CVE-2021-37146
> +++ b/active/CVE-2021-37146
> @@ -39,3 +39,5 @@ hirsute_ros-ros-comm: ignored (reached end-of-life)
> impish_ros-ros-comm: ignored (reached end-of-life)
> jammy_ros-ros-comm: needs-triage
> devel_ros-ros-comm: needs-triage
> +xenial_ros-kinetic-ros-comm: not-affected
> +bionic_ros-melodic-ros-comm: released

--
Steve Beattie
<email address hidden>