Hi, * Francesco Poli <frx@firenze.linux.it> [2009-06-16 00:48]: > On Sun, 14 Jun 2009 23:25:45 +0200 Francesco Poli wrote: > [...] > > Debian lenny was released in February 2009. > > As of now (June 2009), I still have to see the first DTSA for squeeze. [...] > If I understand correctly the fixes for lenny were ported to squeeze. > If this is the case, I think that another package that would benefit > from a similar treatment (besides linux-2.6) is xpdf: > http://security-tracker.debian.net/tracker/CVE-2009-0165 > http://security-tracker.debian.net/tracker/CVE-2009-0146 > http://security-tracker.debian.net/tracker/CVE-2009-0147 > http://security-tracker.debian.net/tracker/CVE-2009-0166 > http://security-tracker.debian.net/tracker/CVE-2009-0195 > http://security-tracker.debian.net/tracker/CVE-2009-0799 [...] I know, that would be useful. Unfortunately this involves way more work than in the case of cyrus which I currently lack of. The xpdf issues are really a pain to handle, especially because there were so many other issues found while assessing some of the initial issues. Cheers Nico -- Nico Golde - http://www.ngolde.de - nion@jabber.ccc.de - GPG: 0xA0A0AAAA For security reasons, all text in this mail is double-rot13 encrypted.
Attachment:
pgpPN7zA1W3s7.pgp
Description: PGP signature