Re: DSA-1653-1 vs. tracker

To: debian-security-tracker@lists.debian.org
Cc: Francesco Poli <frx@firenze.linux.it>
Subject: Re: DSA-1653-1 vs. tracker
From: Gerfried Fuchs <rhonda@deb.at>
Date: Thu, 16 Oct 2008 13:57:11 +0200
Message-id: <[🔎] 20081016115711.GB26753@anguilla.debian.or.at>
Mail-followup-to: debian-security-tracker@lists.debian.org, Francesco Poli <frx@firenze.linux.it>
In-reply-to: <[🔎] 20081015220559.6a2c3cfb.frx@firenze.linux.it>
References: <[🔎] 20081015220559.6a2c3cfb.frx@firenze.linux.it>

* Francesco Poli <frx@firenze.linux.it> [2008-10-15 22:05:59 CEST]:
> DSA-1653-1 [1] has been recently issued and a corresponding tracker
> page [2] was added.
> 
> However, it seems that there's an inconsistency between the
> DSA and the tracker.
> 
> The DSA [1] claims that all the CVEs are fixed in etch by
> linux-2.6/2.6.18.dfsg.1-22etch3, while the tracker page for
> CVE-2008-3276 [3] claims that etch is still vulnerable.

 For completeness, CVE-2008-3525 lists linux-2.6.24 as unfixed, too.

 Thanks,
Rhonda

Reply to:

References:
- DSA-1653-1 vs. tracker
  - From: Francesco Poli <frx@firenze.linux.it>

Prev by Date: DSA-1653-1 vs. tracker
Next by Date: Conflicting Information on CVE-2008-3699 Page
Previous by thread: DSA-1653-1 vs. tracker
Next by thread: Conflicting Information on CVE-2008-3699 Page
Index(es):
- Date
- Thread