netdisco-mibs-installer in testing, again

To: Debian-security-tracker <debian-security-tracker@lists.debian.org>
Subject: netdisco-mibs-installer in testing, again
From: Francesco Poli <frx@firenze.linux.it>
Date: Sat, 9 Jan 2010 17:52:51 +0100
Message-id: <[🔎] 20100109175251.65add9b1.frx@firenze.linux.it>

Hi all,
a recent DTSA [1] states that CVE-2008-5379 has been fixed in testing
by removing the affected package (netdisco-mibs-installer).
Indeed, this seems to have happened [2].

However, the package promptly re-entered testing [3].
I think the reason it that there's no (real or fake) RC bug to prevent
such a migration.
Do I understand correctly that a grave bug should be filed against
netdisco-mibs-installer/1.3 in order to prevent it from migrating again
and that a second removal request should be issued?


[1] http://lists.debian.org/debian-testing-security-announce/2010/01/msg00003.html
[2] http://packages.qa.debian.org/n/netdisco-mibs-installer/news/20100107T163926Z.html
[3] http://packages.qa.debian.org/n/netdisco-mibs-installer/news/20100108T163921Z.html

-- 
 http://www.inventati.org/frx/progs/scripts/pdebuild-hooks.html
 Need some pdebuild hook scripts?
..................................................... Francesco Poli .
 GnuPG key fpr == C979 F34B 27CE 5CD8 DC12  31B5 78F4 279B DD6D FCF4

Attachment: pgpojb2XoNdk5.pgp
Description: PGP signature

Reply to:

Prev by Date: Re: Proposed refactoring of the per-release tracker pages
Next by Date: Re: Proposed refactoring of the per-release tracker pages
Previous by thread: Re: Proposed refactoring of the per-release tracker pages
Next by thread: KVIrc 4.x not affected by CVE-2008-7070
Index(es):
- Date
- Thread