Hi all, DSA-2008-1 [1][2] is about CVE-less vulnerabilities reported in bug #571151. The corresponding temporary tracker page may be found by using the bug report number [3]: I think this vulnerability should be marked as fixed in lenny (security) by typo3-src/4.2.5-1+lenny3, as claimed by the DSA. A somewhat similar, but not identical, problem may be found in DSA-2013-1 [4][5]: there seems to be no temporary tracker page for the CVE-less vulnerabilities, hence these problems are not listed in the release page for unstable (where egroupware is still present, despite being removed from testing). If these vulnerabilities are still unfixed in unstable, I think a temporary tracker page should be created to track them. Please update the tracker, as appropriate. [1] http://lists.debian.org/debian-security-announce/2010/msg00048.html [2] http://security-tracker.debian.org/tracker/DSA-2008-1 [3] http://security-tracker.debian.org/tracker/571151 [4] http://lists.debian.org/debian-security-announce/2010/msg00053.html [5] http://security-tracker.debian.org/tracker/DSA-2013-1 -- http://www.inventati.org/frx/progs/scripts/pdebuild-hooks.html Need some pdebuild hook scripts? ..................................................... Francesco Poli . GnuPG key fpr == C979 F34B 27CE 5CD8 DC12 31B5 78F4 279B DD6D FCF4
Attachment:
pgpA1l1_WXvy_.pgp
Description: PGP signature