Hi all, DSA-1770-1 [1] has just been issued, and the corresponding tracker page [2] has been created. There's something strange, though. The DSA says that the two vulnerabilities are fixed for etch in version 4.1.3-4etch1, while the CVE tracker pages [3][4] say that version 4.1.3-4etch1 is for *lenny (security)* and still vulnerable... I cannot understand what's wrong. [1] http://lists.debian.org/debian-security-announce/2009/msg00081.html [2] http://security-tracker.debian.net/tracker/DSA-1770-1 [3] http://security-tracker.debian.net/tracker/CVE-2008-4182 [4] http://security-tracker.debian.net/tracker/CVE-2009-0930 P.S.: Please Cc: me on replies, as I am not a list subscriber. Thanks. -- New location for my website! Update your bookmarks! http://www.inventati.org/frx ..................................................... Francesco Poli . GnuPG key fpr == C979 F34B 27CE 5CD8 DC12 31B5 78F4 279B DD6D FCF4
Attachment:
pgpQJM_Efnms1.pgp
Description: PGP signature