On Thu, 12 May 2011 22:13:00 +0200 Florian Weimer wrote: > * Francesco Poli: > > > It seems to me that the DSA-2233-1 tracker page [1] lacks the reference > > to CVE-2009-2939, which is instead present in the actual DSA [2]. > > > > Is there a reason for this, or is it just an inconsistency (that should > > be fixed)? > > CVE-2009-2939 only affects lenny, and we currently lack a way to > express in a better way. Can the CVE be associated to the DSA and also have the additional info that it was fixed for squeeze in a version which is an ancestor of the squeeze version? -- http://www.inventati.org/frx/frx-gpg-key-transition-2010.txt New GnuPG key, see the transition document! ..................................................... Francesco Poli . GnuPG key fpr == CA01 1147 9CD2 EFDF FB82 3925 3E1C 27E1 1F69 BFFE
Attachment:
pgpYfJNDFMuuW.pgp
Description: PGP signature