CVE fmt: uses YYYY-NNNN format which is wrong: should use CVE-YYYY-NNNN format
Bug #119361 reported by
Kees Cook
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Launchpad itself |
Triaged
|
Low
|
Unassigned | ||
Bug Description
When linking or displaying CVEs, Malone needs to make sure the name is correctly shown/parsed as CVE-YYYY-NNNN, so that search engines will be able to make sense of the links. The correct naming convention for CVEs is that they must start with "CVE". Currently, all the links show just YYYY-NNNN.
Other places that would be useful to use the convetion:
- "Link to CVE" page needs to take full CVE name, including "CVE-" prefix
- "CVE Reference" box for bugs that have linked CVEs
- CVE page needs missing dash between "CVE" and index number (e.g. lhttps:
- CVE url paths should be valid with cve prefix too (e.g. https:/
searches need to support CVE-YYYY-NNNN too.
Revision history for this message
| Diogo Matsubara (matsubara) wrote | #1 |
| Changed in malone: | |
| status: | New → Incomplete |
Revision history for this message
| Kees Cook (kees) wrote | #2 |
Revision history for this message
| Diogo Matsubara (matsubara) wrote Re: All places mentioning CVE indexes should use CVE-YYYY-NNNN format | #3 |
| description: | updated |
| Changed in malone: | |
| status: | Incomplete → Confirmed |
| tags: | removed: fix-it-friday |
| tags: | added: platform-want |
| Changed in launchpad: | |
| status: | Confirmed → Triaged |
| importance: | Undecided → Low |
| tags: | added: confusing-ui |
| summary: |
- All places mentioning CVE indexes should use CVE-YYYY-NNNN format + CVE fmt: uses YYYY-NNNN format which is wrong: should use CVE-YYYY-NNNN + format |
| description: | updated |
To post a comment you must log in.
Hi Kees,
I guess you mean the CVE reference box in a bug page, right? Is there any other place that needs updating?
Thanks for the report.