Bug#807892: lintian: warn about using TEMP CVE identifiers in debian/changelog

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#807892: lintian: warn about using TEMP CVE identifiers in debian/changelog
From: Paul Wise <pabs@debian.org>
Date: Mon, 14 Dec 2015 15:18:27 +0800
Message-id: <[🔎] 1450077507.6035.39.camel@debian.org>
Reply-to: Paul Wise <pabs@debian.org>, 807892@bugs.debian.org

Package: lintian
Severity: wishlist
X-Debbugs-CC: security@debian.org

Please warn about the use of TEMP CVE identifiers in debian/changelog.
These identifiers are temporary and go away when CVEs are assigned so
they are not at all useful to record.

The regex is TEMP-\d{7}-\d{6} (case sensitive):

https://anonscm.debian.org/viewvc/secure-testing/lib/python/sectracker/parsers.py?view=markup#l262

Various folks make this mistake, some examples:

https://bugs.debian.org/807855
https://bugs.debian.org/799019
https://codesearch.debian.net/search?q=path:debian/changelog%20TEMP-

-- 
bye,
pabs

https://wiki.debian.org/PaulWise

Attachment: signature.asc
Description: This is a digitally signed message part

Reply to:

Follow-Ups:
- Bug#807892: lintian: warn about using TEMP CVE identifiers in debian/changelog
  - From: Jakub Wilk <jwilk@debian.org>

Prev by Date: [lintian] branch master updated (4dd0fe5 -> 16ca04e)
Next by Date: Processed: forcibly merging 787929 807892
Previous by thread: [lintian] 09/10: spelling: Add "emtpy"
Next by thread: Bug#807892: lintian: warn about using TEMP CVE identifiers in debian/changelog
Index(es):
- Date
- Thread