[Secure-testing-team] "testing security issues" - PuTTY
Joey Hess
joeyh at debian.org
Thu Feb 24 02:45:18 UTC 2005
Jacob Nevins wrote:
> [I'm not a Debian developer, but part of upstream for PuTTY. Apologies
> if this is none of my business, or I should have left it to Colin.]
>
> I note that putty, which has a security bug (#296144) fixed in unstable
> but not yet testing, is not currently on the list at
> <http://merkel.debian.org/~joeyh/testing-security.html> which was
> advertised on debian-devel* recently (nor the one on newraff.debian.org).
> The bug was filed, and the upload made, three days ago.
>
> I'm not sure how things get on your list; I'm mailing you in case it
> should already be on the list. (I have an ulterior motive, of course, to
> try to ensure the 0.57 security fix gets into sarge -- especially since
> it currently appears to be held up by xfree86-fubar'd buildd's.)
>
> FWIW, I added a CVE ID to the bug report, but only after it was closed
> (I didn't know it before that!)
>
> Again, sorry if this is unnecessary interference.
Thanks for the info. Nobody on the team had processed CAN-2004-1440 yet.
I've added the info about the fix to our database.
--
see shy jo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20050223/a20fe3aa/attachment.pgp
More information about the Secure-testing-team
mailing list