[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bugs in debsecan feed for etch

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tuesday 13 January 2009 21:38:29 Florian Weimer wrote:
> I think this was due to a misapplied stable update.  This should have
> been fixed (and the process has been properly automated).

Thanks, Florian.

Indeed, most of the false positives are gone this morning.  The vim ones 
remain:

CVE-2008-2712 vim-common (fixed, medium urgency)
CVE-2008-2712 vim (fixed, medium urgency)
CVE-2008-2712 vim-runtime (fixed, medium urgency)

apt-cache policy vim # same version for -runtime and -common
vim:
  Installed: 1:7.0-122+1etch3
  Candidate: 1:7.0-122+1etch3
  Version table:
     1:7.1.314-3+lenny2~bpo40+2 0
          1 http://www.backports.org etch-backports/main Packages
 *** 1:7.0-122+1etch3 0
        500 http://http.us.debian.org etch/main Packages
        500 http://security.debian.org etch/updates/main Packages
        100 /var/lib/dpkg/status

It's exciting to hear that the process has been automated.  This feed is 
going to be extremely useful to the centralized debsecan-alike webapp 
I'm building.  I imagine sysadmins only occasionally having to add 
fixed versions manually.

Unfortunately, my employer hasn't prioritized it into this or next 
sprint's backlog, so I'm working on it in my own time.  So it won't be 
ready for a while. :-)

Ciao,
Sheldon.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFJbY6epGJX8XSgas0RAiqnAKCxbA4F4ppcBJXIxOcxIgJgdqDV5wCgjJUv
KmzRwTT71+5FS6jjQfnFlB8=
=iLRu
-----END PGP SIGNATURE-----
Reply to: