630750 – GLSAs contain HTTP links to CVEs

Bug 630750 - GLSAs contain HTTP links to CVEs

Summary: GLSAs contain HTTP links to CVEs

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	GLSA Errors (show other bugs)
Hardware:	All Linux

Importance:	Normal normal (vote)
Assignee:	Gentoo Security

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2017-09-11 22:19 UTC by Hanno Böck
Modified:	2018-03-19 00:10 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Hanno Böck gentoo-dev

2017-09-11 22:19:26 UTC

In the GLSAs, e.g.
https://security.gentoo.org/glsa/201709-01
there's always a link to the CVE. It currently links to the HTTP version of the CVE page. This should be changed to HTTPS.

Comment 1 Thomas Deutschmann (RETIRED) gentoo-dev

2017-09-28 20:59:51 UTC

Old links converted: https://gitweb.gentoo.org/data/glsa.git/commit/?id=612f47deca97e8d7ffc2100c1dbc82a602abdf39

We will keep this bug open until we have pushed a fix to GLSAmaker to produce HTTPS link only.

Comment 2 Thomas Deutschmann (RETIRED) gentoo-dev

2018-03-19 00:10:08 UTC

This done for a while, GLSAmaker changes are live.