Re: libxfont1 issues should not show up in the latently vulnerable packages list
> where did the reply come from? It never ended up on this
> list :/
the reply came from Julien Cristau. he included
debian-security-tracker in the cc list in his email, so i'm not sure
why it didn't show up here.
> Looking at the underlying tracker data the problem seems to
> be that DSA-1466-2 included an upload for libxfont for the
> above CVE ids while only CVE-2008-0006 was fixed in the
> update of libxfont.
so it was a mistake when the fix was uploaded to etch? can't you
hand-edit the security tracker data?
Reply to: