Re: CVE-2010-0286 and affected versions

To: Florian Weimer <fw@deneb.enyo.de>
Cc: debian-security-tracker@lists.debian.org
Subject: Re: CVE-2010-0286 and affected versions
From: Moritz Muehlenhoff <jmm@inutil.org>
Date: Thu, 25 Feb 2010 22:46:08 +0100
Message-id: <[🔎] 20100225214608.GA5576@galadriel.inutil.org>
In-reply-to: <[🔎] 87vddldmek.fsf@mid.deneb.enyo.de>
References: <[🔎] 201002251149.15436.holger@layer-acht.org> <[🔎] 87vddldmek.fsf@mid.deneb.enyo.de>

On Thu, Feb 25, 2010 at 10:40:35PM +0100, Florian Weimer wrote:
> * Holger Levsen:
> 
> > why does http://security-tracker.debian.org/tracker/CVE-2010-0286 lists   
> > 4.2.8-1 in squeeze as affected? squeeze has a newer version and 4.2.8-1 is 
> > not in Debian anywhere anymore...
> 
> We somehow missed the removal of the alpha architecture from squeeze.
> Thanks for spotting this.  I will try to rectify this tomorrow.

Is there a specific reason the Security Tracker is dealing with binary
packages at all? All the information we care about is based on the
source packages AFAICS.

Cheers,
        Moritz

Reply to:

Follow-Ups:
- Re: CVE-2010-0286 and affected versions
  - From: Florian Weimer <fw@deneb.enyo.de>

References:
- CVE-2010-0286 and affected versions
  - From: Holger Levsen <holger@layer-acht.org>
- Re: CVE-2010-0286 and affected versions
  - From: Florian Weimer <fw@deneb.enyo.de>

Prev by Date: Re: CVE-2010-0286 and affected versions
Next by Date: Re: CVE-2010-0286 and affected versions
Previous by thread: Re: CVE-2010-0286 and affected versions
Next by thread: Re: CVE-2010-0286 and affected versions
Index(es):
- Date
- Thread