Incorrect classification of CVE-2009-4411?

To: debian-security-tracker@lists.debian.org
Subject: Incorrect classification of CVE-2009-4411?
From: Petter Reinholdtsen <pere@hungry.com>
Date: Sat, 13 Nov 2010 09:46:50 +0100
Message-id: <[🔎] 2fl4obltxtx.fsf@login1.uio.no>

According to debsecan on one of my Lenny boxes, CVE-2009-4411 can be
fixed by upgrading:

  *** Available security updates

  CVE-2009-4411 The (1) setfacl and (2) getfacl commands in XFS acl...
    <http://security-tracker.debian.net/tracker/CVE-2009-4411>
    - libacl1 (low urgency)

But when I try to upgrade the Lenny machine, there is no update
available.  Is the hole incorrectly classified?

Happy hacking,
-- 
Petter Reinholdtsen

Reply to:

Follow-Ups:
- Re: Incorrect classification of CVE-2009-4411?
  - From: Michael Gilbert <michael.s.gilbert@gmail.com>

Prev by Date: GPS info SJ
Next by Date: Debian BTS report for CVE-2010-2941 (cups)
Previous by thread: GPS info SJ
Next by thread: Re: Incorrect classification of CVE-2009-4411?
Index(es):
- Date
- Thread