package: security-tracker dsa's that only provide regression fixes end up overriding old fixed version info, which makes it appear that the previous version was vulnerable in tracker views. this should be fixed. see: http://lists.debian.org/debian-security-tracker/2010/05/msg00027.html