On Sat, 2 Jul 2011 16:48:26 +0200 Francesco Poli wrote: [...] > It says that several CVE ids are fixed in iceweasel/3.5.16-9 for stable. > However I cannot find any trace of that version [...] Hi again, I've just written to <security@debian.org> about this first issue, since I remembered that this kind of problems should be reported there. I hope they explain or fix the issue soon. > Another issue, though a minor one, is that the DSA [...] lists > CVE-2011-2365 as one of the addressed vulnerabilities, but fails to > include a description for that CVE id. > The tracker page [...] refers to that CVE id as well, and indeed it seems > that this CVE id is about iceweasel. > If this CVE id is really fixed by DSA-2268-1, then I think that the > tracker is consistent with the DSA. > Otherwise, please fix the tracker data. This second issue, if confirmed, is instead tracker-specific: please clarify or fix it. -- http://www.inventati.org/frx/frx-gpg-key-transition-2010.txt New GnuPG key, see the transition document! ..................................................... Francesco Poli . GnuPG key fpr == CA01 1147 9CD2 EFDF FB82 3925 3E1C 27E1 1F69 BFFE
Attachment:
pgpa69kNjUsxe.pgp
Description: PGP signature