[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: DSA-1471-1 vs. tracker

On Tue, Jan 22, 2008 at 07:03:48PM +0100, Francesco Poli wrote:
> On Tue, 22 Jan 2008 00:56:02 +0100 Nico Golde wrote:
> 
> [...]
> > * Francesco Poli <frx@firenze.linux.it> [2008-01-22 00:24]:
> [...]
> > > Moreover, the same DSA [1] claims that version 1.1.2.dfsg-1.3 fixes the
> > > above-mentioned CVEs for etch.  However the CVE-2007-4029 page [4] tells
> > > a different story: it states that version 1.1.2.dfsg-1.3 is vulnerable.
> > > Is this a security-tracker internal inconsistency?
> > [...] 
> > The source package name was missing from the sarge tag in 
> > our DSA file. Fixed this in svn.
> 
> The DSA page now seems OK: that's an improvement!  :-)
> 
> Nonetheless, the CVE-2007-4029 page still seems to be out of
> sync...  :-(

Fixed.

Cheers,
        Moritz
Reply to: