[Question] Documenting platform implications on CVE to git
- Date: Fri, 6 Oct 2017 09:28:32 -0400
- From: "Randall S. Becker" <rsbecker@xxxxxxxxxxxxx>
- Subject: [Question] Documenting platform implications on CVE to git
I wonder whether there is some mechanism for providing official responses
from platform ports relating to security CVE reports, like CVE-2017-14867.
For example, the Perl implementation on HPE NonStop does not include the SCM
module so commands relating cvsserver may not be available - one thing to be
verified so is a question #1. But the real question (#2) is: where would one
most appropriately document issues like this to be consistent with other
platform responses relating to git?
-- Brief whoami: NonStop&UNIX developer since approximately
-- In my real life, I talk too much.