Re: DSA-2233-1 vs. tracker
Francesco Poli wrote:
> On Thu, 12 May 2011 22:13:00 +0200 Florian Weimer wrote:
> > * Francesco Poli:
> > > It seems to me that the DSA-2233-1 tracker page  lacks the reference
> > > to CVE-2009-2939, which is instead present in the actual DSA .
> > >
> > > Is there a reason for this, or is it just an inconsistency (that should
> > > be fixed)?
> > CVE-2009-2939 only affects lenny, and we currently lack a way to
> > express in a better way.
> Can the CVE be associated to the DSA and also have the additional info
> that it was fixed for squeeze in a version which is an ancestor of the
> squeeze version?
Not with current tracker limitations.