On Thu, 7 Jul 2011 19:00:07 +0200 Francesco Poli wrote: [...] > The tracker seems to be still unaware [1] of DSA-2273-1 [2]. > Please update the tracker data! Thanks for updating the tracker data, but... ...there's still something that does not look right to me. The DSA [2] claims that all the referenced CVE ids are fixed in sid by icedove/3.1.11-1 . However, the tracker (see links from [1]) considers CVE-2011-0083, CVE-2011-0085, CVE-2011-2362, and CVE-2011-2363 as still unfixed in icedove/3.1.11-1 ... > > [1] http://security-tracker.debian.org/tracker/DSA-2273-1 > [2] http://lists.debian.org/debian-security-announce/2011/msg00145.html What's wrong? Is the DSA [2] incorrect about sid, or is the tracker data incomplete? Please clarify. -- http://www.inventati.org/frx/frx-gpg-key-transition-2010.txt New GnuPG key, see the transition document! ..................................................... Francesco Poli . GnuPG key fpr == CA01 1147 9CD2 EFDF FB82 3925 3E1C 27E1 1F69 BFFE
Attachment:
pgpBugzISRXA6.pgp
Description: PGP signature