Re: CVE-2010-0286 and affected versions
On Thu, Feb 25, 2010 at 10:40:35PM +0100, Florian Weimer wrote:
> * Holger Levsen:
>
> > why does http://security-tracker.debian.org/tracker/CVE-2010-0286 lists
> > 4.2.8-1 in squeeze as affected? squeeze has a newer version and 4.2.8-1 is
> > not in Debian anywhere anymore...
>
> We somehow missed the removal of the alpha architecture from squeeze.
> Thanks for spotting this. I will try to rectify this tomorrow.
Is there a specific reason the Security Tracker is dealing with binary
packages at all? All the information we care about is based on the
source packages AFAICS.
Cheers,
Moritz
Reply to: