Re: [SECURITY] [DLA 419-1] gtk+2.0 security update
On Wed, Feb 17, 2016 at 07:16:20PM +0100, Santiago Ruano Rincón wrote:
> Hi Guido,
> El 17/02/16 a las 17:13, Guido Günther escribió:
> > Hi Santiago,
> > On Wed, Feb 17, 2016 at 11:21:04AM +0100, firstname.lastname@example.org wrote:
> > > Package : gtk+2.0
> > > Version : 2.20.1-2+deb6u1
> > > CVE ID : CVE-2013-7447
> > > Debian Bug : 799275
> > This doesn't seem to be reflected in data/CVE/list. Did you forget to
> > commit your changes?
> Actually, I didn't forget it. Look at data/DLA/list:
> [17 Feb 2016] DLA-419-1 gtk+2.0 - security update
> [squeeze] - gtk+2.0 2.20.1-2+deb6u1
> Doesn't sectracker automatically updates data/CVE/list?
Just to confirm: yes the security-tracker builds the cross reference
(no need to do that by hand there).
I just checked the CVE-2013-7447 entry and looks correct to me. Guido
do you mean something else?