Hello everybody (again)! I am looking at the tracker page [1] for bug #612033. According to the tracker, the vulnerability is still unfixed in wheezy/contrib and in sid/contrib (conky version 1.8.0-1.1). However, the bug report itself [2] claims that the problem has been fixed exactly in conky/1.8.0-1.1 . Who's wrong and who's right? Should the tracker data be updated in order to reflect the BTS? Or should the bug be reopened as unfixed? [1] http://security-tracker.debian.org/tracker/612033 [2] http://bugs.debian.org/612033 -- http://www.inventati.org/frx/frx-gpg-key-transition-2010.txt New GnuPG key, see the transition document! ..................................................... Francesco Poli . GnuPG key fpr == CA01 1147 9CD2 EFDF FB82 3925 3E1C 27E1 1F69 BFFE
Attachment:
pgpH1LgmgebDx.pgp
Description: PGP signature