Comment 10 for bug 1775329

Ok so any guidance as to how to proceed - Jeremy do you have a preference for how this should work? Would you like it to also support Debian in a similar manner and link to the Debian CVE tracker? In this case would you prefer runtime detection (via say /etc/os-release) or compile-time selection of which CVE tracker to link to?