Re: Debian Security Tracker Missing Squeeze-LTS packages

To: debian-security-tracker@lists.debian.org
Subject: Re: Debian Security Tracker Missing Squeeze-LTS packages
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Thu, 7 Aug 2014 09:03:00 +0200
Message-id: <[🔎] 20140807070300.GA25258@lorien.valinor.li>
Mail-followup-to: debian-security-tracker@lists.debian.org
In-reply-to: <[🔎] CAEc--nu53xpj0rE95wQSkviVApa-pHrA8sPuOpAyz6f4+AWCNg@mail.gmail.com>
References: <[🔎] CAEc--nu53xpj0rE95wQSkviVApa-pHrA8sPuOpAyz6f4+AWCNg@mail.gmail.com>

Hi Sam,

On Thu, Aug 07, 2014 at 10:06:02AM +1000, Sam McLeod wrote:
> Hi,
> 
> I'm not sure how this got missed but the DST is missing Squeeze LTS packages!
> 
> For example according to the DST Squeeze is still vulnerable to the
> latest OpenSSL bug, but it's actually been patched.
> 
> 
> Package        : openssl
> 
> CVE ID         : CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3508
> 
>                 CVE-2014-3509 CVE-2014-3510 CVE-2014-3511 CVE-2014-3512
> 
>                 CVE-2014-5139
> 
> 
> https://security-tracker.debian.org/tracker/source-package/openssl

The security-tracker unfortunately right now cannot handle squeeze-lts
correctly, see the thread at

https://lists.debian.org/debian-lts/2014/08/msg00004.html

Regards,
Salvatore

Reply to:

References:
- Debian Security Tracker Missing Squeeze-LTS packages
  - From: Sam McLeod <sammcj@gmail.com>

Prev by Date: External check
Next by Date: External check
Previous by thread: Debian Security Tracker Missing Squeeze-LTS packages
Next by thread: Bug#758698: security-tracker: Valid, trusted Certificates Fail Validation
Index(es):
- Date
- Thread