Hi, I've had a look at Ming CVEs these last days, and a lot of them were already fixed in Wheezy since 1:0.4.4-1.1+deb7u8, where I fixed a lot of potential weaknesses. However I'm not completely sure about how to fill these information in the tracker. At first I did [wheezy] - ming <not-affected> (Already fixed in 0.4.4-1.1+deb7u8) but I'm pretty sure it was wrong, so I changed[0] it to [wheezy] - ming 0.4.4-1.1+deb7u8 Still I'm not completely sure it's the right way to proceed. Can anybody take a look ? Second question: Even if Ming isn't present in unstable, the tracker still mentions (unstable) - (unfixed) in the second table. IMO this row makes no sense, is it a bug ? Example: https://security-tracker.debian.org/tracker/CVE-2018-8964 Thanks ! Regards, Hugo [0] https://salsa.debian.org/security-tracker-team/security-tracker/commit/e3e307fa7355af36ff0133a459de8d7fe561c97d -- Hugo Lefeuvre (hle) | www.owl.eu.com 4096/ 9C4F C8BF A4B0 8FC5 48EB 56B8 1962 765B B9A8 BACA
Attachment:
signature.asc
Description: PGP signature