[Secure-testing-team] DSA 1332-1 vs. tracker
Francesco Poli
frx at firenze.linux.it
Wed Jul 11 19:33:30 UTC 2007
Hi all!
DSA 1332-1[1] states that three vulnerabilities (CVE-2007-3316
CVE-2007-3467 CVE-2007-3468) are fixed in sid by vlc version 0.8.6.c-1,
as the buglog[2] seems to confirm.
However, the tracker pages for those vulnerabilities[3][4][5] seem to
have a typo in the version info:
| Package Type Release Fixed Version Urgency Origin Debian Bugs
| vlc source (unstable) 0.8.6.c.debian-1 unimportant 429726
| vlc source etch 0.8.6-svn20061012.debian-5etch1 unknown DSA-1332-1
| vlc source sarge 0.8.1.svn20050314-1sarge3 unknown DSA-1332-1
Is this an inconsistency?
[1] http://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00093.html
[2] http://bugs.debian.org/429726
[3] http://security-tracker.debian.net/tracker/CVE-2007-3316
[4] http://security-tracker.debian.net/tracker/CVE-2007-3467
[5] http://security-tracker.debian.net/tracker/CVE-2007-3468
P.S.: Please Cc: me on replies, as I am not a list subscriber. Thanks.
--
http://frx.netsons.org/doc/nanodocs/testing_workstation_install.html
Need to read a Debian testing installation walk-through?
..................................................... Francesco Poli .
GnuPG key fpr == C979 F34B 27CE 5CD8 DC12 31B5 78F4 279B DD6D FCF4
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20070711/8c50310c/attachment.pgp
More information about the Secure-testing-team
mailing list