Incorrect information in security tracker regarding the mahara package

To: debian-security-tracker@lists.debian.org
Subject: Incorrect information in security tracker regarding the mahara package
From: Francois Marier <francois@debian.org>
Date: Fri, 23 Oct 2009 11:36:29 +1300
Message-id: <[🔎] 20091022223629.GF7147@isafjordur.dyndns.org>

(please CC me on replies, I'm not on this list)

Hi,

I just want to report that this issue:

  http://security-tracker.debian.org/tracker/CVE-2009-2171

does not apply to the 1.0 series of Mahara, as mentioned on the upstream
advisory:

  http://mahara.org/interaction/forum/topic.php?id=753

So the lenny version of Mahara, 1.0.4-4+lenny3, should not be marked as
vulnerable.

Cheers,
Francois

Attachment: signature.asc
Description: Digital signature

Reply to:

Follow-Ups:
- Re: Incorrect information in security tracker regarding the mahara package
  - From: Michael Gilbert <michael.s.gilbert@gmail.com>
- Re: Incorrect information in security tracker regarding the mahara package
  - From: Moritz Muehlenhoff <jmm@inutil.org>

Prev by Date: No tracker page for DSA-1914-1
Next by Date: Re: No tracker page for DSA-1914-1
Previous by thread: Re: No tracker page for DSA-1914-1
Next by thread: Re: Incorrect information in security tracker regarding the mahara package
Index(es):
- Date
- Thread