Bug#528281: closed by Nico Golde <nion at debian.org> (Re: Bug#528281: gnutls26: CVE-2009-1417 certificate expiration vulnerability)
Michael S. Gilbert
michael.s.gilbert at gmail.com
Fri May 15 19:02:09 UTC 2009
On Fri, 15 May 2009 20:50:47 +0200, Nico Golde wrote:
> Hi,
> * Michael S. Gilbert <michael.s.gilbert at gmail.com> [2009-05-15 19:45]:
> > On Tue, 12 May 2009 00:03:05 +0000, Debian Bug Tracking System wrote:
> > > This is an automatic notification regarding your Bug report
> > > which was filed against the gnutls26 package:
> > >
> > > #528281: gnutls26: CVE-2009-1417 certificate expiration vulnerability
> >
> > does it make sense to close this bug since etch/lenny are still
> > vulnerable? from my perspective, it is better to keep the bug open so
> > that it stays on the maintainer's radar.
>
> You are aware of the fact that our BTS knows about versions?
yes, but closing the bug moves it down to the resolved section of the
bug pages, which makes it much more likely to be mistakenly overlooked.
More information about the Pkg-gnutls-maint
mailing list