Code review comment for ~litios/ubuntu-cve-tracker:kinetic-eol-cves-update

Steve Beattie (sbeattie) wrote :

On Thu, Jul 27, 2023 at 04:58:57PM -0000, Amir Naseredini wrote:
> Thanks for the PR David.
>
> Just a couple of minor things to mention:
> - In cases like below, is the version of any value for us later? If so,
> can we keep it like other extra information that we keep in square
> brackets (like `[<date>]`)?
>
> ```
> -kinetic_linux: pending (5.19.0-47.49)
> +kinetic_linux: ignored (end of life, was pending)
> ```
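Review bot: the `+` line for `kinetic_linux` drops the version `5.19.0-47.49` that the `-` line recorded, so the tracker no longer shows which upload was pending when the release went end of life. If that version is still useful for later triage, keep it in the parenthetical next to "was pending", for instance in square brackets as proposed above for other extra information.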
>
> I also think cases like below are in a grey area and a bit confusing:
>
> ```
> -jammy_linux-riscv: ignored (was needs-triage now end-of-life)
> +jammy_linux-riscv: ignored (end of life, was needs-triage)
> ```
> Mostly in CVEs we use `ignored (end of life, was needs-triage)` as in
> EOL of the release, however, in this case (and other similar cases) it's
> not about `jammy`! And since they have different meanings, I believe
> their comment could/should be different too.

Right, we should transition this particular case to

  jammy_linux-riscv: ignored (superseded by linux-riscv-5.19)

in both the boilerplate, and in the cases where the kernel team has
triaged it as end-of-life.

--
Steve Beattie