Re: CVE-2007-4571 should not show up in the unstable latently vulnerable packages list

To: "Michael Gilbert" <michael.s.gilbert@gmail.com>
Cc: debian-security-tracker@lists.debian.org
Subject: Re: CVE-2007-4571 should not show up in the unstable latently vulnerable packages list
From: Florian Weimer <fw@deneb.enyo.de>
Date: Tue, 11 Mar 2008 09:41:56 +0100
Message-id: <[🔎] 87ejahtzxn.fsf@mid.deneb.enyo.de>
In-reply-to: <[🔎] 8e2a98be0803102118g57facc30i2a5306a1bee2bf89@mail.gmail.com> (Michael Gilbert's message of "Tue, 11 Mar 2008 00:18:10 -0400")
References: <[🔎] 8e2a98be0803102118g57facc30i2a5306a1bee2bf89@mail.gmail.com>

* Michael Gilbert:

> according to DSA-1505-1 [1], the alsa-driver vulnerability
> (CVE-2007-4571) was fixed via the upload of version 1.0.15-1 to
> unstable a while back.  however, the problem is still listed as a
> latent vulnerability in unstable [2].  please update the lists to
> correctly reflect that this vulnerability no longer exists in
> unstable.

I'm a bit confused by this issue.  Do we really ship two versions of the
ALSA code in sid?

Reply to:

Follow-Ups:
- Re: CVE-2007-4571 should not show up in the unstable latently vulnerable packages list
  - From: "Michael Gilbert" <michael.s.gilbert@gmail.com>

References:
- CVE-2007-4571 should not show up in the unstable latently vulnerable packages list
  - From: "Michael Gilbert" <michael.s.gilbert@gmail.com>

Prev by Date: CVE-2007-4571 should not show up in the unstable latently vulnerable packages list
Next by Date: Re: CVE-2007-4571 should not show up in the unstable latently vulnerable packages list
Previous by thread: CVE-2007-4571 should not show up in the unstable latently vulnerable packages list
Next by thread: Re: CVE-2007-4571 should not show up in the unstable latently vulnerable packages list
Index(es):
- Date
- Thread