[Pkg-cacti-maint] Bug#743565: cacti: CVE-2014-2708 CVE-2014-2709
Paul Gevers
elbrus at debian.org
Sat Apr 5 07:38:56 UTC 2014
Control: found -1 0.8.7g-1+squeeze3
Control: found 742768 0.8.7g-1+squeeze3
On 04/03/14 21:30, Salvatore Bonaccorso wrote:
> If you fix the vulnerabilities please also make sure to include the
> CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.
Hi security team,
Do you consider these vulnerabilities severe enough to require fixing
through security updates, or is the update via (old-)stable-updates good
enough? The last fix CVE-2014-2327 is still being made, but I can (and
am preparing) upload fixes for the other four current CVE issues. Do you
want me to get the current fixes already in, or wait one more week to
get all five fixes into Debian in one go. (For the record, I will upload
the four fixes to sid real soon anyways).
Paul
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 551 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-cacti-maint/attachments/20140405/9b3260a2/attachment.sig>
More information about the Pkg-cacti-maint
mailing list