Hi all! According to DSA-2132-1 [1], various CVEs are fixed in iceweasel/3.5.15-1 for squeeze and sid. On the other hand, the tracker [2] states that those CVEs are only fixed in iceweasel/3.5.16-1, which is currently in sid, but has not yet migrated into squeeze. Typo in the DSA or incorrect tracker data? Could you please explain? [1] http://lists.debian.org/debian-security-announce/2010/msg00183.html [2] http://security-tracker.debian.org/tracker/CVE-2010-3767 http://security-tracker.debian.org/tracker/CVE-2010-3769 http://security-tracker.debian.org/tracker/CVE-2010-3770 http://security-tracker.debian.org/tracker/CVE-2010-3771 http://security-tracker.debian.org/tracker/CVE-2010-3772 http://security-tracker.debian.org/tracker/CVE-2010-3773 http://security-tracker.debian.org/tracker/CVE-2010-3775 http://security-tracker.debian.org/tracker/CVE-2010-3776 http://security-tracker.debian.org/tracker/CVE-2010-3778 -- http://www.inventati.org/frx/frx-gpg-key-transition-2010.txt New GnuPG key, see the transition document! ..................................................... Francesco Poli . GnuPG key fpr == CA01 1147 9CD2 EFDF FB82 3925 3E1C 27E1 1F69 BFFE
Attachment:
pgpqmLOjAi4Z3.pgp
Description: PGP signature