[Secure-testing-team] Tracker inconsistencies?
Francesco Poli
frx at firenze.linux.it
Wed Jul 12 17:39:46 UTC 2006
Hi all!
According to [1], the described issue is fixed in sash:
| sash (PTS) woody 3.4-8.2 fixed
| sarge, sarge (security) 3.7-5sarge1 fixed
| etch, sid 3.7-7 fixed
On the other hand, bug #318246[2] is still open and seems to state
that the issue is still unfixed in sarge.
Is this an inconsistency?
Moreover, according to [1], the issue is unfixed in mysql-dfsg-4.1:
| mysql-dfsg-4.1 (PTS) sarge 4.1.11a-4sarge2 vulnerable
| sarge (security) 4.1.11a-4sarge4 vulnerable
On the other hand, bug #319858[3] claims that mysql-dfsg-4.1 is not
affected.
Who's right? Who's wrong?
Last question: why is bug #332236[4] listed in [1]? It doesn't seem
to be related to CVE-2005-2096...
[1] http://idssi.enyo.de/tracker/CVE-2005-2096
[2] http://bugs.debian.org/318246
[3] http://bugs.debian.org/319858
[4] http://bugs.debian.org/332236
P.S.: As usual, I would like to be Cc:ed on replies, as I am not a
subscriber of the list. Thanks!
--
:-( This Universe is buggy! Where's the Creator's BTS? ;-)
......................................................................
Francesco Poli GnuPG Key ID = DD6DFCF4
Key fingerprint = C979 F34B 27CE 5CD8 DC12 31B5 78F4 279B DD6D FCF4
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20060712/9a421313/attachment.pgp
More information about the Secure-testing-team
mailing list