Re: Update for WebAuth (CVE-2009-2945)
Hi,
> The security tracker shows CVE-2009-2945 as unfixed, but this was fixed in
> 3.6.2-1 for unstable/testing (and is mentioned in the changelog). It
> didn't warrant a DSA, so the fix for stable went through
> stable-proposed-updates, but it's there as 3.6.0-1+lenny1 for the next
> stable release. It was also fixed in 3.6.2-1~bpo50+1 for lenny-backports,
> so only arm still has an issue there (presumably due to a missing build).
I've added the 3.6.0-1+lenny1 update to the Tracker. Note that it
will still be marked as open until the spu update is actually installed
into the next point update.
Thanks,
Moritz
Reply to: