[Secure-testing-team] Question about the tracker
Moritz Muehlenhoff
jmm at inutil.org
Mon Jun 26 17:49:05 UTC 2006
Francesco Poli wrote:
> Hi everyone again! :)
>
> There's something I cannot quite understand about
> http://idssi.enyo.de/tracker/status/release/stable
> On that status page there are two rows about mpg123:
>
> mpg123 (non-free) CVE-2006-1655
> DSA-1074-1
>
> There first one refers to a vulnerability, while the second one refers
> to the DSA that claims to fix that same vulnerability.
> :-?
> I thought that a vulnerability should disappear from the *stable* status
> page, once it's fixed in security.debian.org...
> At least, it seems that every other hole that was fixed in s.d.o and got
> a DSA is not shown in the status page anymore.
> Is this one special? Why?
The tracker doesn't process the sources.list from non-free yet.
Cheers,
Moritz
More information about the Secure-testing-team
mailing list