Bug#988823: marked as done (security-tracker: DSA-4917-1 vs. tracker)

["Debian Bug Tracking System" <owner@bugs.debian.org>]

Your message dated Thu, 20 May 2021 08:41:16 +0200
with message-id <20210520064116.GA25944@lorien.valinor.li>
and subject line Re: Bug#988823: security-tracker: DSA-4917-1 vs. tracker
has caused the Debian Bug report #988823,
regarding security-tracker: DSA-4917-1 vs. tracker
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
988823: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988823
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

• To: Debian Bug Tracking System <submit@bugs.debian.org>
• Subject: security-tracker: DSA-4917-1 vs. tracker
• From: "Francesco Poli (wintermute)" <invernomuto@paranoici.org>
• Date: Wed, 19 May 2021 23:45:00 +0200
• Message-id: <[🔎] 162146070003.13450.1400059140297067178.reportbug@crunch>

Package: security-tracker
Severity: normal

Hello everyone!

According to [DSA-4917-1], a number of CVEs are fixed in chromium
for buster: CVE-2021-30506 ÷ CVE-2021-30520.

The tracker [DSA page] agrees on that, but also refers to
[CVE-2021-3051], which is not mentioned in the DSA.

[DSA-4917-1]: <https://lists.debian.org/debian-security-announce/2021/msg00098.html>
[DSA page]: <https://security-tracker.debian.org/tracker/DSA-4917-1>
[CVE-2021-3051]: <https://security-tracker.debian.org/tracker/CVE-2021-3051>

Is the DSA incomplete or does the tracker page need a correction?

Please let me know, and update the tracker data, if needed.
Thanks for your time!

--- End Message ---

--- Begin Message ---

• To: "Francesco Poli (wintermute)" <invernomuto@paranoici.org>, 988823-done@bugs.debian.org
• Subject: Re: Bug#988823: security-tracker: DSA-4917-1 vs. tracker
• From: Salvatore Bonaccorso <carnil@debian.org>
• Date: Thu, 20 May 2021 08:41:16 +0200
• Message-id: <20210520064116.GA25944@lorien.valinor.li>
• In-reply-to: <[🔎] 162146070003.13450.1400059140297067178.reportbug@crunch>
• References: <[🔎] 162146070003.13450.1400059140297067178.reportbug@crunch>

Hi,

On Wed, May 19, 2021 at 11:45:00PM +0200, Francesco Poli (wintermute) wrote:
> Package: security-tracker
> Severity: normal
> 
> Hello everyone!
> 
> According to [DSA-4917-1], a number of CVEs are fixed in chromium
> for buster: CVE-2021-30506 ÷ CVE-2021-30520.
> 
> The tracker [DSA page] agrees on that, but also refers to
> [CVE-2021-3051], which is not mentioned in the DSA.
> 
> [DSA-4917-1]: <https://lists.debian.org/debian-security-announce/2021/msg00098.html>
> [DSA page]: <https://security-tracker.debian.org/tracker/DSA-4917-1>
> [CVE-2021-3051]: <https://security-tracker.debian.org/tracker/CVE-2021-3051>
> 
> Is the DSA incomplete or does the tracker page need a correction?
> 
> Please let me know, and update the tracker data, if needed.
> Thanks for your time!

There was erroneusly CVE-2021-3051 in the CVE list, which I think
might have been caused by a typo (the list initially as well missed
CVE-2021-30517, which was added later).

The tracker data itself should now be correct again (but will take up
to an hour at least for showing it fully correct).

Regards,
Salvatore

--- End Message ---