Quick question: would it make sense to have somewhere: - A common (computer/human readable) format for vulnerability disclosures - A common format for bugfix publications ? I was thinking something like: Software name: foo-package Software version: 2.4-2.6,3.1 Vulnerability type: ... . . . And also some documentation on how to fill in each (eg. vulnerability type)? And specify that these be text attachments to e-mails, or something, so that computers can read them, and people can read them, and it'll make everything easy. Is there something like this already, or another forum where I should be asking this instead? :) -- Tim Nelson Systems Administrator Sunet Internet Tel: +61 3 5241 1155 Fax: +61 3 5241 6187 Web: http://www.sunet.com.au/ Email: sysadmin@sunet.com.au
