Re: DSA-1949-1 vs. tracker
On Sat, 12 Dec 2009 12:58:06 +0100 Francesco Poli wrote:
> Hi all,
> DSA-1949-1 has just been issued [1] claiming that two vulnerabilities
> have been fixed in php-net-ping.
>
> One issue is still CVE-less and there's the usual problem of "how does
> the security tracker account for CVE-less vulnerabilities?": I cannot
> even find the TEMP-x-y entry... [2]
> Is there any progress on this front?
>
> The other issue is CVE-2009-4024, which the DSA [1] claims to be fixed
> in version 2.4.2-1.1 for sid: the changelog [3] seems to agree, but the
> CVE tracker page tells another story [4].
> Which is wrong and which is right?
the tracker had not been updated. i've made the updates and it should
be correct now.
mike
Reply to: