Re: geshi vs. tracker

To: Francesco Poli <frx@firenze.linux.it>
Cc: debian-security-tracker@lists.debian.org
Subject: Re: geshi vs. tracker
From: Moritz Muehlenhoff <jmm@inutil.org>
Date: Thu, 4 Dec 2008 22:18:03 +0100
Message-id: <[🔎] 20081204211803.GB3605@galadriel.inutil.org>
In-reply-to: <[🔎] 20081204220832.c32e0ef5.frx@firenze.linux.it>
References: <[🔎] 20081204220832.c32e0ef5.frx@firenze.linux.it>

On Thu, Dec 04, 2008 at 10:08:32PM +0100, Francesco Poli wrote:
> Hi everyone (again),
> 
> DTSA-179-1 was issued on last Sunday.
> Its tracker page [1] says that geshi/1.0.7.22-1+lenny1 fixes two CVEs
> in lenny.
> Can someone explain why the tracker is still convinced that no lenny
> (security) version is present?
> 
> I mean:
> 
>   $ apt-cache policy php-geshi | grep Candidate
>     Candidate: 1.0.7.22-1+lenny1
> 
> Hence, it really seems that geshi/1.0.7.22-1+lenny1 is already
> available from security.d.o.  Nonetheless, it seems the tracker failed
> to realize that this is case!
> 
> What's wrong?

It's not yet moved to testing, the tracker tracks regular lenny.

Cheers,
        Moritz

Reply to:

Follow-Ups:
- Re: geshi vs. tracker
  - From: Francesco Poli <frx@firenze.linux.it>

References:
- geshi vs. tracker
  - From: Francesco Poli <frx@firenze.linux.it>

Prev by Date: Re: DSA-1681-1 vs. tracker
Next by Date: Re: DSA-1681-1 vs. tracker
Previous by thread: geshi vs. tracker
Next by thread: Re: geshi vs. tracker
Index(es):
- Date
- Thread