Re: DSA-1949-1 vs. tracker

To: Debian-security-tracker <debian-security-tracker@lists.debian.org>
Subject: Re: DSA-1949-1 vs. tracker
From: Michael Gilbert <michael.s.gilbert@gmail.com>
Date: Sat, 12 Dec 2009 13:32:59 -0500
Message-id: <[🔎] 20091212133259.6da90a98.michael.s.gilbert@gmail.com>
In-reply-to: <[🔎] 20091212125806.e02f4fa8.frx@firenze.linux.it>
References: <[🔎] 20091212125806.e02f4fa8.frx@firenze.linux.it>

On Sat, 12 Dec 2009 12:58:06 +0100 Francesco Poli wrote:

> Hi all,
> DSA-1949-1 has just been issued [1] claiming that two vulnerabilities
> have been fixed in php-net-ping.
> 
> One issue is still CVE-less and there's the usual problem of "how does
> the security tracker account for CVE-less vulnerabilities?": I cannot
> even find the TEMP-x-y entry... [2]
> Is there any progress on this front?
> 
> The other issue is CVE-2009-4024, which the DSA [1] claims to be fixed
> in version 2.4.2-1.1 for sid: the changelog [3] seems to agree, but the
> CVE tracker page tells another story [4].
> Which is wrong and which is right?

the tracker had not been updated.  i've made the updates and it should
be correct now.

mike

Reply to:

Follow-Ups:
- Re: DSA-1949-1 vs. tracker
  - From: Francesco Poli <frx@firenze.linux.it>

References:
- DSA-1949-1 vs. tracker
  - From: Francesco Poli <frx@firenze.linux.it>

Prev by Date: DSA-1949-1 vs. tracker
Next by Date: Re: DSA-1949-1 vs. tracker
Previous by thread: DSA-1949-1 vs. tracker
Next by thread: Re: DSA-1949-1 vs. tracker
Index(es):
- Date
- Thread