Re: libxfont1 issues should not show up in the latently vulnerable packages list

To: Michael Gilbert <michael.s.gilbert@gmail.com>
Cc: debian-security-tracker@lists.debian.org
Subject: Re: libxfont1 issues should not show up in the latently vulnerable packages list
From: Julien Cristau <jcristau@debian.org>
Date: Thu, 8 May 2008 15:53:26 +0200
Message-id: <[🔎] 20080508135326.GA2123@patate.is-a-geek.org>
Mail-followup-to: Julien Cristau <jcristau@debian.org>, Michael Gilbert <michael.s.gilbert@gmail.com>, debian-security-tracker@lists.debian.org
In-reply-to: <[🔎] 8e2a98be0805031652o1d474fb8x2b5171673c9d9226@mail.gmail.com>
References: <[🔎] 8e2a98be0805031652o1d474fb8x2b5171673c9d9226@mail.gmail.com>

On Sat, May  3, 2008 at 19:52:28 -0400, Michael Gilbert wrote:

> it appears that the recent libxfont1 issues (CVE-2007-5760,
> CVE-2007-5958, CVE-2007-6427, CVE-2007-6428, and CVE-2007-6429) never
> affected sid (they were applicable only to sarge and etch [1]).

They were applicable to sid too, but have nothing to do with libXfont,
they are bugs in the X server.  CVE-2008-0006 was fixed at the same
time, and actually affected libXfont.

Cheers,
Julien

Reply to:

References:
- libxfont1 issues should not show up in the latently vulnerable packages list
  - From: "Michael Gilbert" <michael.s.gilbert@gmail.com>

Prev by Date: Re: [php-maint] Bug#479723: [Secure-testing-team] php 5.2.6 Security Fixes
Next by Date: Re: [php-maint] Bug#479723: [Secure-testing-team] php 5.2.6 Security Fixes
Previous by thread: libxfont1 issues should not show up in the latently vulnerable packages list
Next by thread: Re: CVE-2007-4571 should not show up in the unstable latently vulnerable packages list
Index(es):
- Date
- Thread