[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

DSA-1770-1: No, it's not lenny security



Hi all,

DSA-1770-1 [1] has just been issued, and the corresponding tracker page
[2] has been created.
There's something strange, though.
The DSA says that the two vulnerabilities are fixed for etch in version
4.1.3-4etch1, while the CVE tracker pages [3][4] say that version
4.1.3-4etch1 is for *lenny (security)* and still vulnerable...

I cannot understand what's wrong.

[1] http://lists.debian.org/debian-security-announce/2009/msg00081.html
[2] http://security-tracker.debian.net/tracker/DSA-1770-1
[3] http://security-tracker.debian.net/tracker/CVE-2008-4182
[4] http://security-tracker.debian.net/tracker/CVE-2009-0930

P.S.: Please Cc: me on replies, as I am not a list subscriber.  Thanks.

-- 
 New location for my website! Update your bookmarks!
 http://www.inventati.org/frx
..................................................... Francesco Poli .
 GnuPG key fpr == C979 F34B 27CE 5CD8 DC12  31B5 78F4 279B DD6D FCF4

Attachment: pgpUody8yh4mk.pgp
Description: PGP signature


Reply to: