Re: Incorrect information in security tracker regarding the mahara package

To: Francois Marier <francois@debian.org>
Cc: debian-security-tracker@lists.debian.org
Subject: Re: Incorrect information in security tracker regarding the mahara package
From: Moritz Muehlenhoff <jmm@inutil.org>
Date: Fri, 23 Oct 2009 18:48:34 +0200
Message-id: <[🔎] 20091023164834.GC3586@inutil.org>
In-reply-to: <[🔎] 20091022223629.GF7147@isafjordur.dyndns.org>
References: <[🔎] 20091022223629.GF7147@isafjordur.dyndns.org>

Francois Marier wrote:
> (please CC me on replies, I'm not on this list)
> 
> Hi,
> 
> I just want to report that this issue:
> 
>   http://security-tracker.debian.org/tracker/CVE-2009-2171
> 
> does not apply to the 1.0 series of Mahara, as mentioned on the upstream
> advisory:
> 
>   http://mahara.org/interaction/forum/topic.php?id=753
> 
> So the lenny version of Mahara, 1.0.4-4+lenny3, should not be marked as
> vulnerable.

Thanks you for your feedback, the Debian Security Tracker has been
updated.

Cheers,
        Moritz

Reply to:

References:
- Incorrect information in security tracker regarding the mahara package
  - From: Francois Marier <francois@debian.org>

Prev by Date: Re: Incorrect information in security tracker regarding the mahara package
Next by Date: Re: No tracker page for DSA-1914-1
Previous by thread: Re: Incorrect information in security tracker regarding the mahara package
Next by thread: CVE-2009-2140
Index(es):
- Date
- Thread