bogus information on page about mksh

To: debian-security-tracker@lists.debian.org
Subject: bogus information on page about mksh
From: Thorsten Glaser <tg@mirbsd.de>
Date: Fri, 28 May 2010 20:57:35 +0000 (UTC)
Message-id: <[🔎] Pine.BSM.4.64L.1005282056450.31860@herc.mirbsd.org>

Hi,

http://security-tracker.debian.org/tracker/CVE-2008-1845 reports:

Vulnerable and fixed packages

The table below lists information on source packages.Source Package	Release	Version	Status
mksh (PTS)	etch	28.0-3	vulnerable
	lenny	35.2-3	fixed
	squeeze	39.3-3	fixed
	lenny-backports	39.3-3~bpo50+1	fixed
	sid	39.3-4	fixed


The information above is based on the following data on fixed versions.Package	Type	Release	Fixed Version	Urgency	Origin	Debian Bugs
mksh	source	(unstable)	33.4-1	low

Notes
[etch] - mksh <no-dsa> (Minor issue)
next point update: [etch] - mksh 28.0-3


I think some fixed information for 28.0-3 is missing.

Thanks,
//mirabilos
-- 
I believe no one can invent an algorithm. One just happens to hit upon it
when God enlightens him. Or only God invents algorithms, we merely copy them.
If you don't believe in God, just consider God as Nature if you won't deny
existence.		-- Coywolf Qi Hunt

Reply to:

Prev by Date: Re: DSA-2048-1 vs. tracker
Previous by thread: Re: DSA-2048-1 vs. tracker
Index(es):
- Date
- Thread