Open pombredanne opened 2 years ago
There are currently some Aliases from bug tracking systems where the Alias value is just a number. We need to come up with some way to make these Aliases more comprehensible - probably defined at the time that we start collecting such data. Some examples for VCID-9hud-dkbs-aaap are:
For these it might make sense to use Aliases like bugzilla.redhat.com-1930423 and bugs.debian.org-983664.
A vulnerability alias is designed to be strong identifiers. We want to to document and validate what we can use as aliases, such as a CVE prefixed CVE id.