DSA-2189-1 vs. tracker

To: Debian-security-tracker <debian-security-tracker@lists.debian.org>
Subject: DSA-2189-1 vs. tracker
From: Francesco Poli <invernomuto@paranoici.org>
Date: Fri, 11 Mar 2011 18:36:38 +0100
Message-id: <[🔎] 20110311183638.e880586d.invernomuto@paranoici.org>

Hi all,
everything seems to be OK with the DSA-2189-1 [1] tracker page [2] and
its associated CVE numbers.
Some CVE numbers were apparently assigned after the release of the DSA.
I seem to be able to map the CVE-less vulnerabilities to the CVE
numbers mentioned in the tracker [2], except for the first two:

 Out-of-bounds read in text searching [69640]
 Memory corruption in SVG fonts. [72134]

Are these two still CVE-less?
If so, I cannot find any corresponding TEMP entry in the tracker [3].
Where are they? Should they be added to the tracker?


[1] http://lists.debian.org/debian-security-announce/2011/msg00056.html
[2] http://security-tracker.debian.org/tracker/DSA-2189-1
[3] http://security-tracker.debian.org/tracker/source-package/chromium-browser

-- 
 http://www.inventati.org/frx/frx-gpg-key-transition-2010.txt
 New GnuPG key, see the transition document!
..................................................... Francesco Poli .
 GnuPG key fpr == CA01 1147 9CD2 EFDF FB82  3925 3E1C 27E1 1F69 BFFE

Attachment: pgpMW9HDCBFG7.pgp
Description: PGP signature

Reply to:

Follow-Ups:
- Re: DSA-2189-1 vs. tracker
  - From: Michael Gilbert <michael.s.gilbert@gmail.com>

Prev by Date: Re: DSA-218[12]-1 vs. CVE vs. tracker
Next by Date: Re: DSA-2189-1 vs. tracker
Previous by thread: Re: DSA-218[12]-1 vs. CVE vs. tracker
Next by thread: Re: DSA-2189-1 vs. tracker
Index(es):
- Date
- Thread