Indeed, this really can make SRU/security tracking difficult. See for instance but #163845 . In this case we are tracking a security vulnerability in python (and all python versions are vulnerable). Only certain releases are relevant for a particular python package. Python 2.2 and 2.3 only needs a dapper task, python 2.4 needs all current releases and python 2.5 only needs gutsy, feisty, and edgy tasks. So, we ended up having to have tasks for all releases for all python versions.
Indeed, this really can make SRU/security tracking difficult. See for instance but #163845 . In this case we are tracking a security vulnerability in python (and all python versions are vulnerable). Only certain releases are relevant for a particular python package. Python 2.2 and 2.3 only needs a dapper task, python 2.4 needs all current releases and python 2.5 only needs gutsy, feisty, and edgy tasks. So, we ended up having to have tasks for all releases for all python versions.