Re: DSA-1471-1 vs. tracker
On Tue, Jan 22, 2008 at 07:03:48PM +0100, Francesco Poli wrote:
> On Tue, 22 Jan 2008 00:56:02 +0100 Nico Golde wrote:
> > * Francesco Poli <email@example.com> [2008-01-22 00:24]:
> > > Moreover, the same DSA  claims that version 1.1.2.dfsg-1.3 fixes the
> > > above-mentioned CVEs for etch. However the CVE-2007-4029 page  tells
> > > a different story: it states that version 1.1.2.dfsg-1.3 is vulnerable.
> > > Is this a security-tracker internal inconsistency?
> > [...]
> > The source package name was missing from the sarge tag in
> > our DSA file. Fixed this in svn.
> The DSA page now seems OK: that's an improvement! :-)
> Nonetheless, the CVE-2007-4029 page still seems to be out of
> sync... :-(