Re: Bugs in debsecan feed for etch
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Tuesday 13 January 2009 21:38:29 Florian Weimer wrote:
> I think this was due to a misapplied stable update. This should have
> been fixed (and the process has been properly automated).
Thanks, Florian.
Indeed, most of the false positives are gone this morning. The vim ones
remain:
CVE-2008-2712 vim-common (fixed, medium urgency)
CVE-2008-2712 vim (fixed, medium urgency)
CVE-2008-2712 vim-runtime (fixed, medium urgency)
apt-cache policy vim # same version for -runtime and -common
vim:
Installed: 1:7.0-122+1etch3
Candidate: 1:7.0-122+1etch3
Version table:
1:7.1.314-3+lenny2~bpo40+2 0
1 http://www.backports.org etch-backports/main Packages
*** 1:7.0-122+1etch3 0
500 http://http.us.debian.org etch/main Packages
500 http://security.debian.org etch/updates/main Packages
100 /var/lib/dpkg/status
It's exciting to hear that the process has been automated. This feed is
going to be extremely useful to the centralized debsecan-alike webapp
I'm building. I imagine sysadmins only occasionally having to add
fixed versions manually.
Unfortunately, my employer hasn't prioritized it into this or next
sprint's backlog, so I'm working on it in my own time. So it won't be
ready for a while. :-)
Ciao,
Sheldon.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFJbY6epGJX8XSgas0RAiqnAKCxbA4F4ppcBJXIxOcxIgJgdqDV5wCgjJUv
KmzRwTT71+5FS6jjQfnFlB8=
=iLRu
-----END PGP SIGNATURE-----
Reply to: