> it would also be nice to have a bug-ID/CVE to track and organize the > upgrades. The concern is that people would then start trying to find the CVE descriptions which aren't available yet.