geshi vs. tracker

To: debian-security-tracker@lists.debian.org
Subject: geshi vs. tracker
From: Francesco Poli <frx@firenze.linux.it>
Date: Thu, 4 Dec 2008 22:08:32 +0100
Message-id: <[🔎] 20081204220832.c32e0ef5.frx@firenze.linux.it>

Hi everyone (again),

DTSA-179-1 was issued on last Sunday.
Its tracker page [1] says that geshi/1.0.7.22-1+lenny1 fixes two CVEs
in lenny.
Can someone explain why the tracker is still convinced that no lenny
(security) version is present?

I mean:

  $ apt-cache policy php-geshi | grep Candidate
    Candidate: 1.0.7.22-1+lenny1

Hence, it really seems that geshi/1.0.7.22-1+lenny1 is already
available from security.d.o.  Nonetheless, it seems the tracker failed
to realize that this is case!

What's wrong?


[1] http://security-tracker.debian.net/tracker/DTSA-179-1

P.S.: Please Cc: me on replies, as I am not a list subscriber.  Thanks.

-- 
 On some search engines, searching for my nickname AND
 "nano-documents" may lead you to my website...  
..................................................... Francesco Poli .
 GnuPG key fpr == C979 F34B 27CE 5CD8 DC12  31B5 78F4 279B DD6D FCF4

Attachment: pgpKfp7MUMIoR.pgp
Description: PGP signature

Reply to:

Follow-Ups:
- Re: geshi vs. tracker
  - From: Moritz Muehlenhoff <jmm@inutil.org>

Prev by Date: DSA-1681-1 vs. tracker
Next by Date: Re: DSA-1681-1 vs. tracker
Previous by thread: Re: DSA-1681-1 vs. tracker
Next by thread: Re: geshi vs. tracker
Index(es):
- Date
- Thread