[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: How to close open security issues

On Mon, May 23, 2011 at 11:39 PM, Nikolaus Rath <Nikolaus@rath.org> wrote:

> http://packages.qa.debian.org/f/fuse.html reports 4 open security
> issues. I prepared an upload that fixes them, but how do I tell the
> package tracking system that they are fixed? There seem to be no
> associated debian BTS numbers.

You can find the associated bug numbers on the individual CVEs:

http://security-tracker.debian.org/tracker/CVE-2010-3879 => #602333
http://security-tracker.debian.org/tracker/CVE-2011-0541 => #624551
http://security-tracker.debian.org/tracker/CVE-2011-0542 => #624551
http://security-tracker.debian.org/tracker/CVE-2011-0543 => #624551

Be sure to mention the CVE numbers in debian/changelog for the upload
that fixes them.

Also check out the sections of the devref dealing with security issues:




Reply to: