Re: DSA-1770-1: No, it's not lenny security

To: debian-security-tracker@lists.debian.org
Subject: Re: DSA-1770-1: No, it's not lenny security
From: Francesco Poli <frx@firenze.linux.it>
Date: Wed, 15 Apr 2009 23:19:02 +0200
Message-id: <[🔎] 20090415231902.e5e2d34c.frx@firenze.linux.it>
In-reply-to: <[🔎] 200904141211.01745.steffen.joeris@skolelinux.de>
References: <[🔎] 20090413182309.7f07b17e.frx@firenze.linux.it> <[🔎] 200904141211.01745.steffen.joeris@skolelinux.de>

On Tue, 14 Apr 2009 13:11:00 +1100 Steffen Joeris wrote:

> On Tue, 14 Apr 2009 02:23:09 am Francesco Poli wrote:
> > Hi all,
> >
> > DSA-1770-1 [1] has just been issued,
[...]
> I've already notified ftpmaster and they should fix it soon.
> The package had the wrong distribution in the changelog.

Ah!  That's why!

The issue seems to be *almost* fixed.
Now the CVE tracker pages report the correct fixed versions, but
still claim that lenny (security) has version 4.1.3-4etch1 and is
vulnerable...

> 
> Thanks for reporting.

You're welcome!  :)

P.S.: Please Cc: me on replies, as I am not a list subscriber.  Thanks.

-- 
 New location for my website! Update your bookmarks!
 http://www.inventati.org/frx
..................................................... Francesco Poli .
 GnuPG key fpr == C979 F34B 27CE 5CD8 DC12  31B5 78F4 279B DD6D FCF4

Attachment: pgpWtcHtgQA3H.pgp
Description: PGP signature

Reply to:

References:
- DSA-1770-1: No, it's not lenny security
  - From: Francesco Poli <frx@firenze.linux.it>
- Re: DSA-1770-1: No, it's not lenny security
  - From: Steffen Joeris <steffen.joeris@skolelinux.de>

Prev by Date: Re: DSA-1770-1: No, it's not lenny security
Next by Date: Re: [Secure-testing-commits] r11636 - data/CVE
Previous by thread: Re: DSA-1770-1: No, it's not lenny security
Next by thread: Re: [Secure-testing-commits] r11636 - data/CVE
Index(es):
- Date
- Thread