[Secure-testing-team] Squirrelmail messed up on the tracker?
Francesco Poli
frx at firenze.linux.it
Sun May 13 22:09:14 UTC 2007
Hi!
I cannot understand whether the security bug tracker[1] is messing
something up with squirrelmail or maybe I'm just too tired...
The tracker page[2] for CVE-2007-1262 says:
Source Package Release Version Status
squirrelmail (PTS) sarge 2:1.4.4-10 fixed
sarge (security) 2:1.4.4-11 fixed
etch 2:1.4.9a-1 fixed
lenny, sid 2:1.4.9a-1 vulnerable
etch (security) 2:1.4.9a-2 fixed
On the other hand, DSA 1290-1[3] claims that the problem has been fixed
in
version 1.4.4-11 for sarge
version 1.4.9a-2 for etch
version 1.4.10a-1 for sid
and the PTS shows[4] the following versions:
Oldstable 2:1.4.4-10
Oldstable Security Updates 2:1.4.4-11
Stable 2:1.4.9a-1
Testing 2:1.4.10a-1
Unstable 2:1.4.10a-1
Experimental 2:1.5.1-5
What's wrong?
[1] http://security-tracker.debian.net/tracker/
[2] http://security-tracker.debian.net/tracker/CVE-2007-1262
[3] http://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00046.html
[4] http://packages.qa.debian.org/s/squirrelmail.html
P.S.: Please Cc: me on replies, as I am not a list subscriber. Thanks.
--
http://frx.netsons.org/doc/nanodocs/testing_workstation_install.html
Need to read a Debian testing installation walk-through?
..................................................... Francesco Poli .
GnuPG key fpr == C979 F34B 27CE 5CD8 DC12 31B5 78F4 279B DD6D FCF4
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20070514/f487356d/attachment.pgp
More information about the Secure-testing-team
mailing list