On Thu, 19 Feb 2009 21:19:59 +0100 Florian Weimer wrote: > * Francesco Poli: > > > However, many other vulnerabilities are still considered as unfixed in > > squeeze and fixed in lenny at the same time, with both branches having > > the same exact package version. > > Thanks for providing the list. You're welcome! :) > > As announced, we do not provide full testing-security for a few weeks. I am aware of that (even though I really hope that the meaning of "few" is more close to 1 as possible!), but I think this is *not* a good reason to show more vulnerabilities in testing than are actually present! > Most of the issues you listed should be fixed soon by regular testing > migration. Frankly speaking, I am not overly enthusiast of the meaning of that "soon": for instance, wireshark will migrate to testing in 7 days, assuming that its build process is successfully completed in the meanwhile and the install issues caused by pcre3 get solved in time! http://release.debian.org/migration/testing.pl?package=wireshark > In the moodle and mediawiki cases, I've added missing > data, and for samizdat, I asked the maintainer if the upload to > experimental was intended. Thanks for fixing some of the reported inconsistencies. However, I think the other missing data should be added too. > > (The underlying tracker bug is difficult to fix in the current > environment. But it does not affected debsecan, I think.) That's unfortunate. -- On some search engines, searching for my nickname AND "nano-documents" may lead you to my website... ..................................................... Francesco Poli . GnuPG key fpr == C979 F34B 27CE 5CD8 DC12 31B5 78F4 279B DD6D FCF4
Attachment:
pgp3bV7U0tAZz.pgp
Description: PGP signature