begin quotation from Moritz Mühlenhoff (in <[🔎] 20110413182904.GA3998@pisco.westfalen.local>): > On Thu, Apr 07, 2011 at 12:11:53AM +0200, Arne Wichmann wrote: > > #611495, to which the security-tracker page refers, is closed. The CVE says > > it applies to 0.6.1 and earlier - the version is now 0.6.2 . But the > > security tracker still lists ffmpeg as vulnerable. Did I miss something? > > > > (Reply-To set as I am not on the list at the moment) > > Lenny is still unfixed and it's a different source package (ffmpeg-debian) Yeah, but it is listed as vulnerable for all versions but the version in lenny-security. In my understanding only lenny should be vulnerable. cu AW -- [...] If you don't want to be restricted, don't agree to it. If you are coerced, comply as much as you must to protect yourself, just don't support it. Noone can free you but yourself. (crag, on Debian Planet) Arne Wichmann (aw@linux.de)
Attachment:
signature.asc
Description: Digital signature