DSA-2168-1 vs. tracker

To: Debian-security-tracker <debian-security-tracker@lists.debian.org>
Subject: DSA-2168-1 vs. tracker
From: Francesco Poli <invernomuto@paranoici.org>
Date: Sun, 20 Feb 2011 13:09:24 +0100
Message-id: <[🔎] 20110220130924.0833da7c.invernomuto@paranoici.org>

Hi all!

There's something I cannot understand about the tracker data for
DSA-2168-1 [1].
The CVE tracker pages [2][3] do not have any per-release summary.

I mean that there's no table like

Debian/oldstable   package P is vulnerable.
Debian/stable      package P is vulnerable.
Debian/testing     package P is vulnerable.
Debian/unstable    not vulnerable.

And there's no data about the fixed version for sid: in other words,
the tracker seems to be unaware that openafs/1.4.14+dfsg-1 fixes the
two CVEs in sid.

What's wrong?

[1] http://lists.debian.org/debian-security-announce/2011/msg00034.html
[2] http://security-tracker.debian.org/tracker/CVE-2011-0430
[3] http://security-tracker.debian.org/tracker/CVE-2011-0431

-- 
 http://www.inventati.org/frx/frx-gpg-key-transition-2010.txt
 New GnuPG key, see the transition document!
..................................................... Francesco Poli .
 GnuPG key fpr == CA01 1147 9CD2 EFDF FB82  3925 3E1C 27E1 1F69 BFFE

Attachment: pgp4MhMFUAYPG.pgp
Description: PGP signature

Reply to:

Follow-Ups:
- Re: DSA-2168-1 vs. tracker
  - From: Michael Gilbert <michael.s.gilbert@gmail.com>

Prev by Date: Bug#508314: marked as done (Please add package subscription/notification support)
Next by Date: Re: DSA-2168-1 vs. tracker
Previous by thread: Bug#508314: marked as done (Please add package subscription/notification support)
Next by thread: Re: DSA-2168-1 vs. tracker
Index(es):
- Date
- Thread