Subject: Re: download-vulnerability-list bug?
To: Sean Davis <email@example.com>
From: None <firstname.lastname@example.org>
Date: 10/20/2002 15:17:34
>When trying to update the vulnerability list with download-vulnerability-list
>just now, I got:
>New vulnerability list (21149 bytes) is smaller than existing list (21151 bytes)
>So, I downloaded the new one and diffed it against the one I had:
>--- vulnerabilities.orig Sun Oct 20 01:43:04 2002
>+++ vulnerabilities Thu Oct 17 09:47:35 2002
>@@ -1,4 +1,4 @@
>-# $NetBSD: pkg-vulnerabilities,v 1.197 2002/10/16 23:39:09 itojun Exp $
>+# $NetBSD: pkg-vulnerabilities,v 1.199 2002/10/17 13:47:08 tron Exp $
> # Note: NEVER remove entries from this file; this should document *all*
> # known package vulnerabilities so it is entirely appropriate to have
>Perhaps download-vulnerability-list should strip the RCS id out of the files
>before comparing sizes?
or, comparing the size is not a good idea. we can't assume that the
file grows constantly (like above, and like correction of URL).