[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bugs in debsecan feed for etch

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Debsecan seems to be missing some versions.

I'm including most of the output of:

	debsecan --only-fixed --format=detail --suite=etch

I've excluded output for packages installed from backports and volatile, 
and have included apt-cache policy output to prove origins.

Please let me know if such a report is not useful, and I'll avoid 
hassling you in future. :-)

Thanks,
Sheldon.

CVE-2008-1367 (fixed)
  gcc 4.3.x does not generate a cld instruction while compiling ...
  installed: libc6-dev 2.3.6.ds1-13etch8
             (built from glibc 2.3.6.ds1-13etch8)
  fixed in unstable: glibc 2.7-8 (source package)
  fixed on branch:   glibc 0 (source package)
  fixed on branch:   glibc 2.3.6.ds1-13etch7 (source package)
  fix is available for the selected suite (etch)

# apt-cache policy libc6-dev
libc6-dev:
  Installed: 2.3.6.ds1-13etch8
  Candidate: 2.3.6.ds1-13etch8
  Version table:
 *** 2.3.6.ds1-13etch8 0
        500 http://http.us.debian.org etch/main Packages
        100 /var/lib/dpkg/status

CVE-2008-2712 (fixed, medium urgency)
  Vim 7.1.314, 6.4, and other versions allows user-assisted remote ...
  installed: vim-common 1:7.0-122+1etch3
             (built from vim 1:7.0-122+1etch3)
  fixed in unstable: vim 1:7.1.314-3 (source package)
  fixed on branch:   vim 1:7.1.293-3+lenny1 (source package)
  fixed on branch:   vim 1:7.1.314-3+lenny1 (source package)
  fixed on branch:   vim 1:7.1.314-3+lenny2 (source package)
  fix is available for the selected suite (etch)

# apt-cache policy vim-common
vim-common:
  Installed: 1:7.0-122+1etch3
  Candidate: 1:7.0-122+1etch3
  Version table:
     1:7.1.314-3+lenny2~bpo40+2 0
          1 http://www.backports.org etch-backports/main Packages
 *** 1:7.0-122+1etch3 0
        500 http://http.us.debian.org etch/main Packages
        500 http://security.debian.org etch/updates/main Packages
        100 /var/lib/dpkg/status

CVE-2008-1367 (fixed)
  gcc 4.3.x does not generate a cld instruction while compiling ...
  installed: locales 2.3.6.ds1-13etch8
             (built from glibc 2.3.6.ds1-13etch8)
  fixed in unstable: glibc 2.7-8 (source package)
  fixed on branch:   glibc 0 (source package)
  fixed on branch:   glibc 2.3.6.ds1-13etch7 (source package)
  fix is available for the selected suite (etch)

# apt-cache policy locales
locales:
  Installed: 2.3.6.ds1-13etch8
  Candidate: 2.3.6.ds1-13etch8
  Version table:
 *** 2.3.6.ds1-13etch8 0
        500 http://http.us.debian.org etch/main Packages
        100 /var/lib/dpkg/status

CVE-2008-2712 (fixed, medium urgency)
  Vim 7.1.314, 6.4, and other versions allows user-assisted remote ...
  installed: vim 1:7.0-122+1etch3
             (built from vim 1:7.0-122+1etch3)
  fixed in unstable: vim 1:7.1.314-3 (source package)
  fixed on branch:   vim 1:7.1.293-3+lenny1 (source package)
  fixed on branch:   vim 1:7.1.314-3+lenny1 (source package)
  fixed on branch:   vim 1:7.1.314-3+lenny2 (source package)
  fix is available for the selected suite (etch)

# apt-cache policy vim
vim:
  Installed: 1:7.0-122+1etch3
  Candidate: 1:7.0-122+1etch3
  Version table:
     1:7.1.314-3+lenny2~bpo40+2 0
          1 http://www.backports.org etch-backports/main Packages
 *** 1:7.0-122+1etch3 0
        500 http://http.us.debian.org etch/main Packages
        500 http://security.debian.org etch/updates/main Packages
        100 /var/lib/dpkg/status

CVE-2008-1367 (fixed)
  gcc 4.3.x does not generate a cld instruction while compiling ...
  installed: libc6-xen 2.3.6.ds1-13etch8
             (built from glibc 2.3.6.ds1-13etch8)
  fixed in unstable: glibc 2.7-8 (source package)
  fixed on branch:   glibc 0 (source package)
  fixed on branch:   glibc 2.3.6.ds1-13etch7 (source package)
  fix is available for the selected suite (etch)

# apt-cache policy libc6-xen
libc6-xen:
  Installed: 2.3.6.ds1-13etch8
  Candidate: 2.3.6.ds1-13etch8
  Version table:
 *** 2.3.6.ds1-13etch8 0
        500 http://http.us.debian.org etch/main Packages
        100 /var/lib/dpkg/status

CVE-2008-2712 (fixed, medium urgency)
  Vim 7.1.314, 6.4, and other versions allows user-assisted remote ...
  installed: vim-runtime 1:7.0-122+1etch3
             (built from vim 1:7.0-122+1etch3)
  fixed in unstable: vim 1:7.1.314-3 (source package)
  fixed on branch:   vim 1:7.1.293-3+lenny1 (source package)
  fixed on branch:   vim 1:7.1.314-3+lenny1 (source package)
  fixed on branch:   vim 1:7.1.314-3+lenny2 (source package)
  fix is available for the selected suite (etch)

# apt-cache policy vim-runtime
vim-runtime:
  Installed: 1:7.0-122+1etch3
  Candidate: 1:7.0-122+1etch3
  Version table:
     1:7.1.314-3+lenny2~bpo40+2 0
          1 http://www.backports.org etch-backports/main Packages
 *** 1:7.0-122+1etch3 0
        500 http://http.us.debian.org etch/main Packages
        500 http://security.debian.org etch/updates/main Packages
        100 /var/lib/dpkg/status

CVE-2008-1367 (fixed)
  gcc 4.3.x does not generate a cld instruction while compiling ...
  installed: libc6 2.3.6.ds1-13etch8
             (built from glibc 2.3.6.ds1-13etch8)
  fixed in unstable: glibc 2.7-8 (source package)
  fixed on branch:   glibc 0 (source package)
  fixed on branch:   glibc 2.3.6.ds1-13etch7 (source package)
  fix is available for the selected suite (etch)

# apt-cache policy libc6
libc6:
  Installed: 2.3.6.ds1-13etch8
  Candidate: 2.3.6.ds1-13etch8
  Version table:
 *** 2.3.6.ds1-13etch8 0
        500 http://http.us.debian.org etch/main Packages
        100 /var/lib/dpkg/status

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFJbEs0pGJX8XSgas0RAt/kAKCrmW37P8bQEHU4ZlCWLjgOdnyU7QCcDKtN
kBAVkQ7OoB2S/6CIiuW+poM=
=YQJ+
-----END PGP SIGNATURE-----
Reply to: