Re: CVE-2010-0286 and affected versions
* Raphael Geissert:
> Florian Weimer wrote:
>
>> * Holger Levsen:
>>
>>> why does http://security-tracker.debian.org/tracker/CVE-2010-0286 lists
>>> 4.2.8-1 in squeeze as affected? squeeze has a newer version and 4.2.8-1
>>> is not in Debian anywhere anymore...
>>
>> We somehow missed the removal of the alpha architecture from squeeze.
>> Thanks for spotting this. I will try to rectify this tomorrow.
>
> I did remove it some time ago, but I should have probably rebuilt the
> database from scratch.
Ah, there was still a cached parser result in the inodeprints table.
I've deleted it, and everything should be fine now.
Reply to: