Re: geshi vs. tracker
On Thu, Dec 04, 2008 at 10:08:32PM +0100, Francesco Poli wrote:
> Hi everyone (again),
>
> DTSA-179-1 was issued on last Sunday.
> Its tracker page [1] says that geshi/1.0.7.22-1+lenny1 fixes two CVEs
> in lenny.
> Can someone explain why the tracker is still convinced that no lenny
> (security) version is present?
>
> I mean:
>
> $ apt-cache policy php-geshi | grep Candidate
> Candidate: 1.0.7.22-1+lenny1
>
> Hence, it really seems that geshi/1.0.7.22-1+lenny1 is already
> available from security.d.o. Nonetheless, it seems the tracker failed
> to realize that this is case!
>
> What's wrong?
It's not yet moved to testing, the tracker tracks regular lenny.
Cheers,
Moritz
Reply to: