Hi all, (source) package linux-2.6 version 2.6.32-31 has just migrated into testing. According to its own changelog, it fixes several vulnerabilities. However, the tracker seems to be unaware of this fact for some of the fixed CVE ids. If the changelog of the package is to be trusted, the following vulnerabilities are fixed in wheezy by linux-2.6/2.6.32-31 : http://security-tracker.debian.org/tracker/CVE-2010-2943 http://security-tracker.debian.org/tracker/CVE-2010-3865 http://security-tracker.debian.org/tracker/CVE-2010-4075 http://security-tracker.debian.org/tracker/CVE-2010-4076 http://security-tracker.debian.org/tracker/CVE-2010-4077 http://security-tracker.debian.org/tracker/CVE-2010-4565 http://security-tracker.debian.org/tracker/CVE-2010-4656 http://security-tracker.debian.org/tracker/CVE-2011-0521 http://security-tracker.debian.org/tracker/CVE-2011-0710 http://security-tracker.debian.org/tracker/CVE-2011-0712 http://security-tracker.debian.org/tracker/CVE-2011-1010 http://security-tracker.debian.org/tracker/CVE-2011-1013 I would say that the tracker data should be updated accordingly... -- http://www.inventati.org/frx/frx-gpg-key-transition-2010.txt New GnuPG key, see the transition document! ..................................................... Francesco Poli . GnuPG key fpr == CA01 1147 9CD2 EFDF FB82 3925 3E1C 27E1 1F69 BFFE
Attachment:
pgpTxy86xS48z.pgp
Description: PGP signature