Re: DSA-1471-1 vs. tracker
On Tue, Jan 22, 2008 at 07:03:48PM +0100, Francesco Poli wrote:
> On Tue, 22 Jan 2008 00:56:02 +0100 Nico Golde wrote:
>
> [...]
> > * Francesco Poli <frx@firenze.linux.it> [2008-01-22 00:24]:
> [...]
> > > Moreover, the same DSA [1] claims that version 1.1.2.dfsg-1.3 fixes the
> > > above-mentioned CVEs for etch. However the CVE-2007-4029 page [4] tells
> > > a different story: it states that version 1.1.2.dfsg-1.3 is vulnerable.
> > > Is this a security-tracker internal inconsistency?
> > [...]
> > The source package name was missing from the sarge tag in
> > our DSA file. Fixed this in svn.
>
> The DSA page now seems OK: that's an improvement! :-)
>
> Nonetheless, the CVE-2007-4029 page still seems to be out of
> sync... :-(
Fixed.
Cheers,
Moritz
Reply to: