user release.debian.org@packages.debian.org usertag 600667 squeeze-can-defer tag 600667 squeeze-ignore kthxbye On Tue, Feb 1, 2011 at 21:19:53 -0500, Michael Gilbert wrote: > reopen 600667 > thanks > > Maybe I'm reading things wrong, or maybe Mitre's information is > actually incorrect, but it looks like the fixes claimed for > CVE-2010-3847 in 2.11.2-8 actually address CVE-2010-3856 [0] instead. > It looks like CVE-2010-3847 [1] is still unfixed. The original fix in > -7 may have been correct to begin with? > Not a release blocker. Cheers, Julien
Attachment:
signature.asc
Description: Digital signature