Hi all, everything seems to be OK with the DSA-2189-1 [1] tracker page [2] and its associated CVE numbers. Some CVE numbers were apparently assigned after the release of the DSA. I seem to be able to map the CVE-less vulnerabilities to the CVE numbers mentioned in the tracker [2], except for the first two: Out-of-bounds read in text searching [69640] Memory corruption in SVG fonts. [72134] Are these two still CVE-less? If so, I cannot find any corresponding TEMP entry in the tracker [3]. Where are they? Should they be added to the tracker? [1] http://lists.debian.org/debian-security-announce/2011/msg00056.html [2] http://security-tracker.debian.org/tracker/DSA-2189-1 [3] http://security-tracker.debian.org/tracker/source-package/chromium-browser -- http://www.inventati.org/frx/frx-gpg-key-transition-2010.txt New GnuPG key, see the transition document! ..................................................... Francesco Poli . GnuPG key fpr == CA01 1147 9CD2 EFDF FB82 3925 3E1C 27E1 1F69 BFFE
Attachment:
pgpMW9HDCBFG7.pgp
Description: PGP signature