Hi,
I've had a look at Ming CVEs these last days, and a lot of them were
already fixed in Wheezy since 1:0.4.4-1.1+deb7u8, where I fixed a lot
of potential weaknesses. However I'm not completely sure about how to
fill these information in the tracker.
At first I did
[wheezy] - ming <not-affected> (Already fixed in 0.4.4-1.1+deb7u8)
but I'm pretty sure it was wrong, so I changed[0] it to
[wheezy] - ming 0.4.4-1.1+deb7u8
Still I'm not completely sure it's the right way to proceed. Can anybody
take a look ?
Second question: Even if Ming isn't present in unstable, the tracker
still mentions (unstable) - (unfixed) in the second table. IMO this
row makes no sense, is it a bug ?
Example: https://security-tracker.debian.org/tracker/CVE-2018-8964
Thanks !
Regards,
Hugo
[0] https://salsa.debian.org/security-tracker-team/security-tracker/commit/e3e307fa7355af36ff0133a459de8d7fe561c97d
--
Hugo Lefeuvre (hle) | www.owl.eu.com
4096/ 9C4F C8BF A4B0 8FC5 48EB 56B8 1962 765B B9A8 BACA
Attachment:
signature.asc
Description: PGP signature