[Secure-testing-team] Updates for testing-security track page
Steve Langasek
vorlon at debian.org
Mon Jun 5 16:46:02 UTC 2006
On Mon, Jun 05, 2006 at 11:44:54AM +0200, Djoume SALVETTI wrote:
> Le lun 05 jun 2006 00:14:36 GMT Francesco Poli <frx at firenze.linux.it> a écrit :
> > * mysql-dfsg (unfixed; bug #365939) for CVE-2006-1518, CVE-2006-1517,
> > CVE-2006-1516
> > The bug report[2] refers to package mysql-server-5.0 and claims that
> > the issue is fixed in mysql-dfsg-5.0 version 5.0.21-1, which is
> > superseded by 5.0.22-2 in sid.
> > Testing seems to be still vulnerable, because it has version 5.0.20-1.
> > [2] http://bugs.debian.org/365939
> > [3] http://bjorn.haxx.se/debian/testing.pl?package=mysql-server-5.0
> mysql-dfsg has been removed from sid and will be removed from etch when
> removing causes no dependency problems.
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=356751
> http://bjorn.haxx.se/debian/testing.pl?package=mysql-dfsg
> I've updated our database with this information.
fwiw, myodbc and mnogosearch are due to be updated in testing tomorrow,
leaving only courier and kexi needing an update. kexi appears to be
binNMUable, and courier needs the hppa buildd's sbuild config fixed to not
reference libmysqlclient12 explicitly.
Cheers,
--
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can move the world.
vorlon at debian.org http://www.debian.org/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20060605/3718576f/attachment.pgp
More information about the Secure-testing-team
mailing list