Re: [Secure-testing-commits] r7280 - data/DSA

To: debian-security-tracker@lists.debian.org
Cc: nion@alioth.debian.org
Subject: Re: [Secure-testing-commits] r7280 - data/DSA
From: Thijs Kinkhorst <thijs@debian.org>
Date: Sun, 11 Nov 2007 21:52:41 +0100
Message-id: <[🔎] 200711112152.43777.thijs@debian.org>
In-reply-to: <E1IrJAp-00023U-OJ@alioth.debian.org>
References: <E1IrJAp-00023U-OJ@alioth.debian.org>

On Sunday 11 November 2007 21:12, nion@alioth.debian.org wrote:
> Modified: data/DSA/list
> ===================================================================
> --- data/DSA/list	2007-11-11 18:50:43 UTC (rev 7279)
> +++ data/DSA/list	2007-11-11 20:12:51 UTC (rev 7280)
> @@ -1,3 +1,7 @@
> +[09 Nov 2007] DSA-1405-2 zope-cmfplone - arbitrary code
> +	{CVE-2007-5741}
> +	[etch] - zope-cmfplone 2.5.1-4etch2
> +	NOTE: the previous DSA introduced a regression
>  [09 Nov 2007] DSA-1406-1 horde3 - several vulnerabilities
>  	{CVE-2006-3548 CVE-2006-3549 CVE-2006-4256 CVE-2007-1473 CVE-2007-1474}
>  	[sarge] - horde3 3.0.4-4sarge6.

I thought about this but doubted that it was necessary. The thing is that the 
first DSA does actually close the bug, and strictly speaking the followup DSA 
update only corrects a grave but non security bug.

Not sure it really matters, in any case, and it doesn't hurt to add it, I 
guess.

Thijs

Attachment: pgpRfCZpyj3Gm.pgp
Description: PGP signature

Reply to:

Prev by Date: Re: Tracker inconsistency regarding gallery2?
Next by Date: Re: [Secure-testing-commits] r7301 - data/CVE
Previous by thread: Re: Tracker inconsistency regarding gallery2?
Next by thread: Re: [Secure-testing-commits] r7301 - data/CVE
Index(es):
- Date
- Thread