Hi,
In my reports mailed to me by the apticron package, it lists an urgency field which gives me a sense of how critical the given patch is.
I've shown these reports to our security dept in order to prove that we're on top of updates. I'm now being asked how these urgency levels are determined. IE. CVSS standard or something similar.
Does anyone know where to find this information or where it might be documented?
Thanks
Bookmarks