Re: abiword issue should not show up in the latently vulnerable list

To: "Michael Gilbert" <michael.s.gilbert@gmail.com>
Cc: debian-security-tracker@lists.debian.org
Subject: Re: abiword issue should not show up in the latently vulnerable list
From: Thijs Kinkhorst <thijs@debian.org>
Date: Sun, 4 May 2008 13:30:13 +0200
Message-id: <[🔎] 200805041330.14227.thijs@debian.org>
In-reply-to: <[🔎] 8e2a98be0805031739i15ae7dbfx202813c9cf446723@mail.gmail.com>
References: <[🔎] 8e2a98be0805031739i15ae7dbfx202813c9cf446723@mail.gmail.com>

On Sunday 4 May 2008 02:39, Michael Gilbert wrote:
> it appears that the recent abiword issue (CVE-2006-4513) was fixed in sid
> a while back (see bug #396360 [1]).  it doesn't appear that the abiword
> maintainer ever sent a message to let the security team know about this.
> however, in the thread for that bug, he did say "I believe this bug has
> been fixed in sarge, etch, and sid.  Thanks for those of you who were
> involved." the bug is currently marked as resolved.  hence it appears that
> the issue is indeed fixed in sid and should be removed from the latently
> vulnerable list [2].

Thanks for reporting this. The bugreport is unclear about the exact fixed 
version, but I've verified that it indeed is fixed at least from the version 
currently in etch, so that means we're all set with this.


Thijs

Reply to:

References:
- abiword issue should not show up in the latently vulnerable list
  - From: "Michael Gilbert" <michael.s.gilbert@gmail.com>

Prev by Date: Re: CVE-2007-4571 should not show up in the unstable latently vulnerable packages list
Next by Date: Re: moodle issues should not show up in the latently vulnerable packages list
Previous by thread: abiword issue should not show up in the latently vulnerable list
Next by thread: moodle issues should not show up in the latently vulnerable packages list
Index(es):
- Date
- Thread