icedove: security issue - already fixed?

To: Christoph Goehre <chris@sigxcpu.org>
Cc: debian-security-tracker@lists.debian.org
Subject: icedove: security issue - already fixed?
From: Hideki Yamane <henrich@debian.or.jp>
Date: Thu, 2 Sep 2010 19:16:17 +0900
Message-id: <[🔎] 20100902191617.dc9a4613.henrich@debian.or.jp>

Hi icedove maintainer,

 Now I'm checking security-tracker and there still two security bug flags
 that releated to icedove package exist.
 http://security-tracker.debian.org/tracker/CVE-2010-1196
 http://security-tracker.debian.org/tracker/CVE-2010-1199

 There is no mention in its changelog for

  - MFSA 2010-25 aka CVE-2010-1121
     http://www.mozilla.org/security/announce/2010/mfsa2010-25.html
  - MFSA 2010-26 aka CVE-2010-1200, CVE-2010-1201 and CVE-2010-1202
     http://www.mozilla.org/security/announce/2010/mfsa2010-26.html
  - MFSA 2010-29 aka CVE-2010-1196
     http://www.mozilla.org/security/announce/2010/mfsa2010-29.html
  - MFSA 2010-30 aka CVE-2010-1199
     http://www.mozilla.org/security/announce/2010/mfsa2010-30.html

 however, those issue were already fixed with this 3.0.5 release, right?
 If so, please add it to its changelog next upload.

 Thanks.


-- 
Regards,

 Hideki Yamane     henrich @ debian.or.jp/org
 http://wiki.debian.org/HidekiYamane

Reply to:

Follow-Ups:
- Re: icedove: security issue - already fixed?
  - From: Christoph Goehre <chris@sigxcpu.org>

Prev by Date: Re: CVE-2010-2478, CVE-2010-2537: fixed in linux-2.6 2.6.32-19
Next by Date: Re: DSA-2099-1 vs. tracker
Previous by thread: Re: CVE-2010-2478, CVE-2010-2537: fixed in linux-2.6 2.6.32-19
Next by thread: Re: icedove: security issue - already fixed?
Index(es):
- Date
- Thread