Re: No tracker page for DSA-1940-1

To: debian-security-tracker@lists.debian.org
Subject: Re: No tracker page for DSA-1940-1
From: Francesco Poli <frx@firenze.linux.it>
Date: Thu, 26 Nov 2009 00:03:30 +0100
Message-id: <[🔎] 20091126000330.8ccacdfa.frx@firenze.linux.it>
In-reply-to: <[🔎] 20091125233650.d2aa45ce.frx@firenze.linux.it>
References: <[🔎] 20091125233650.d2aa45ce.frx@firenze.linux.it>

On Wed, 25 Nov 2009 23:36:50 +0100 Francesco Poli wrote:

> Hello everyone,
> it seems to me that there's no tracker page for the just issued
> DSA-1940-1.
> 
> Please update the tracker.

The tracker page is now present, but there's a discrepancy that I would
like to point out: the DSA claims that the issues are fixed in
php5/5.2.11.dfsg.1-2 for sid and squeeze.
However, the tracker (on the individual CVE pages) says that
php5/5.2.11.dfsg.1-1 is fixed.
By looking at the BTS bugs, it seems that this is true at least for
CVE-2009-2626 and CVE-2009-2687, but there's no indication that this
should be the case for CVE-2009-3291 and CVE-2009-3292...

Could you please clarify?

-- 
 New location for my website! Update your bookmarks!
 http://www.inventati.org/frx
..................................................... Francesco Poli .
 GnuPG key fpr == C979 F34B 27CE 5CD8 DC12  31B5 78F4 279B DD6D FCF4

Attachment: pgp1i7_cdUoXC.pgp
Description: PGP signature

Reply to:

Follow-Ups:
- Re: No tracker page for DSA-1940-1
  - From: Raphael Geissert <geissert@debian.org>
- Re: No tracker page for DSA-1940-1
  - From: Michael Gilbert <michael.s.gilbert@gmail.com>

References:
- No tracker page for DSA-1940-1
  - From: Francesco Poli <frx@firenze.linux.it>

Prev by Date: No tracker page for DSA-1940-1
Next by Date: Re: No tracker page for DSA-1940-1
Previous by thread: No tracker page for DSA-1940-1
Next by thread: Re: No tracker page for DSA-1940-1
Index(es):
- Date
- Thread