CVE-2009-1284

To: debian-security-tracker@lists.debian.org
Cc: debian-tex-maint@lists.debian.org
Subject: CVE-2009-1284
From: Norbert Preining <preining@logic.at>
Date: Thu, 19 Nov 2009 08:34:21 +0100
Message-id: <[🔎] 20091119073421.GC17284@gamma.logic.tuwien.ac.at>

Dear security team,

on the tracker page
http://security-tracker.debian.org/tracker/CVE-2009-1284
I see that texlive-bin 2009-1 is still listed as vulnerable.

We did close the bug 520920, but probably we should add the CVE string
to close this bug.

Now my question: If for the next upload we edit the old changelog entry
will that be enough, or is there anything else we should/need to do?

Then, for stable: Do you want us to prepare a security update for lenny?

For sid/testing I would prefer to just leave it like it is, since after
a certain testing phase we want to get the 2009 packages into unstable 
anyway.

Please tell us about your preferences, and thanks a lot for your good work

Norbert

-------------------------------------------------------------------------------
Dr. Norbert Preining                                        Associate Professor
JAIST Japan Advanced Institute of Science and Technology   preining@jaist.ac.jp
Vienna University of Technology                               preining@logic.at
Debian Developer (Debian TeX Task Force)                    preining@debian.org
gpg DSA: 0x09C5B094      fp: 14DF 2E6C 0307 BE6D AD76  A9C0 D2BF 4AA3 09C5 B094
-------------------------------------------------------------------------------
CLATHY (adj.)
Nervously indecisive about how safely to dispose of a dud lightbulb.
			--- Douglas Adams, The Meaning of Liff

Reply to:

Follow-Ups:
- Re: CVE-2009-1284
  - From: Raphael Geissert <geissert@debian.org>

Prev by Date: Re: CVEs for linux-2.6
Next by Date: Re: CVE-2009-1284
Previous by thread: Re: CVEs for linux-2.6
Next by thread: Re: CVE-2009-1284
Index(es):
- Date
- Thread