DSA-2163-1 vs. tracker

To: Debian-security-tracker <debian-security-tracker@lists.debian.org>
Subject: DSA-2163-1 vs. tracker
From: Francesco Poli <invernomuto@paranoici.org>
Date: Wed, 16 Feb 2011 21:39:43 +0100
Message-id: <[🔎] 20110216213943.e2faed88.invernomuto@paranoici.org>

Hello everybody,
according to DSA-2163-1 [1] two vulnerabilities are fixed in sid by
python-django/1.2.5-1
On the other hand, the tracker claims that version 1.2.5-1 is
vulnerable [2][3]

Is the DSA incorrect or should the tracker data be updated?
Could you please clarify?


[1] http://lists.debian.org/debian-security-announce/2011/msg00028.html
[2] http://security-tracker.debian.org/tracker/CVE-2011-0696
[3] http://security-tracker.debian.org/tracker/CVE-2011-0697

-- 
 http://www.inventati.org/frx/frx-gpg-key-transition-2010.txt
 New GnuPG key, see the transition document!
..................................................... Francesco Poli .
 GnuPG key fpr == CA01 1147 9CD2 EFDF FB82  3925 3E1C 27E1 1F69 BFFE

Attachment: pgpwcfCeBEr8m.pgp
Description: PGP signature

Reply to:

Follow-Ups:
- Re: DSA-2163-1 vs. tracker
  - From: Nico Golde <nico@ngolde.de>

Prev by Date: Re: Squeeze release vs. tracker
Next by Date: Re: DSA-2163-1 vs. tracker
Previous by thread: Bug#479594: marked as done (security-tracker: Modify suite-overview of the web site to not show no-dsa issues by default)
Next by thread: Re: DSA-2163-1 vs. tracker
Index(es):
- Date
- Thread