[Secure-testing-team] "testing security issues" - PuTTY
Jacob Nevins
jacobn+debian at chiark.greenend.org.uk
Thu Feb 24 02:07:58 UTC 2005
[I'm not a Debian developer, but part of upstream for PuTTY. Apologies
if this is none of my business, or I should have left it to Colin.]
I note that putty, which has a security bug (#296144) fixed in unstable
but not yet testing, is not currently on the list at
<http://merkel.debian.org/~joeyh/testing-security.html> which was
advertised on debian-devel* recently (nor the one on newraff.debian.org).
The bug was filed, and the upload made, three days ago.
I'm not sure how things get on your list; I'm mailing you in case it
should already be on the list. (I have an ulterior motive, of course, to
try to ensure the 0.57 security fix gets into sarge -- especially since
it currently appears to be held up by xfree86-fubar'd buildd's.)
FWIW, I added a CVE ID to the bug report, but only after it was closed
(I didn't know it before that!)
Again, sorry if this is unnecessary interference.
More information about the Secure-testing-team
mailing list