[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Typo in DSA-1540-1 tracker page!

Hi all!

DSA-1540-1 [1] was issued back on Monday and a corresponding tracker
page [2] has recently been added.

However, it seems that the tracker page [2] has a typo.

The DSA [1] refers to CVE-2008-1531 [3], which indeed talks about
lighttpd; on the other hand the tracker page [2] refers to
CVE-2008-1351 [4], which talks about XOOPS.
This caused a CVE tracker page [5] which talks about a XOOPS
vulnerability fixed in a version of lighttpd, which is, well, quite

Correct me, if I'm wrong.
Otherwise, please fix the typo ASAP.

Thank you all for your great job in improving Debian security!

[1] http://lists.debian.org/debian-security-announce/2008/msg00110.html
[2] http://security-tracker.debian.net/tracker/DSA-1540-1
[3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1531
[4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1351
[5] http://security-tracker.debian.net/tracker/CVE-2008-1351

P.S.: Please Cc: me on replies, as I am not a list subscriber.  Thanks.

 New! Version 0.6 available! What? See for yourself!
..................................................... Francesco Poli .
 GnuPG key fpr == C979 F34B 27CE 5CD8 DC12  31B5 78F4 279B DD6D FCF4

Attachment: pgpU0SfrvoeRB.pgp
Description: PGP signature

Reply to: