Hi all, DSA-1681-1 [1] has just been issued and a corresponding tracker page [2] was added. However, it seems that there's a couple of inconsistencies between the DSA and the tracker. The DSA [1] claims that all the CVEs are fixed in etch by linux-2.6.24/2.6.24-6~etchnhalf.7, while the tracker pages for CVE-2008-5134 [3] and CVE-2008-5182 [4] claim that etch is still vulnerable. If these are actual inconsistencies, please fix them ASAP. Thanks! [1] http://lists.debian.org/debian-security-announce/2008/msg00273.html [2] http://security-tracker.debian.net/tracker/DSA-1681-1 [3] http://security-tracker.debian.net/tracker/CVE-2008-5134 [4] http://security-tracker.debian.net/tracker/CVE-2008-5182 P.S.: Please Cc: me on replies, as I am not a list subscriber. Thanks. -- On some search engines, searching for my nickname AND "nano-documents" may lead you to my website... ..................................................... Francesco Poli . GnuPG key fpr == C979 F34B 27CE 5CD8 DC12 31B5 78F4 279B DD6D FCF4
Attachment:
pgpE4p3dP9_L2.pgp
Description: PGP signature