Bug#651603: security-tracker: DSA-2362-1 vs. tracker

To: 651603@bugs.debian.org
Subject: Bug#651603: security-tracker: DSA-2362-1 vs. tracker
From: Francesco Poli <invernomuto@paranoici.org>
Date: Sat, 10 Dec 2011 19:03:46 +0100
Message-id: <[🔎] 20111210190346.b0660e2982b1a7caa8392dca@paranoici.org>
Reply-to: Francesco Poli <invernomuto@paranoici.org>, 651603@bugs.debian.org
In-reply-to: <[🔎] 20111210112231.4419.93704.reportbug@homebrew>
References: <[🔎] 20111210112231.4419.93704.reportbug@homebrew>

On Sat, 10 Dec 2011 12:22:31 +0100 Francesco Poli (wintermute) wrote:

[...]
> It seems to me that the tracker page [1] for DSA-2362-1 [2] misses
> the epoch in the squeeze fixed version (which should be 1:2.0.7-1squeeze3
> rather than 2.0.7-1squeeze3).

This first issue seems to have been (silently) fixed by someone.
Thanks to that someone!

> 
> Moreover, the DSA [2] says that CVE-2011-2777 does not affect oldstable,
> but the tracker [3] seems to disagree.

This second issue seems to still hold, though.

[...]
> 
> [1] http://security-tracker.debian.org/tracker/DSA-2362-1
> [2] http://lists.debian.org/debian-security-announce/2011/msg00240.html
> [3] http://security-tracker.debian.org/tracker/CVE-2011-2777


-- 
 http://www.inventati.org/frx/frx-gpg-key-transition-2010.txt
 New GnuPG key, see the transition document!
..................................................... Francesco Poli .
 GnuPG key fpr == CA01 1147 9CD2 EFDF FB82  3925 3E1C 27E1 1F69 BFFE

Attachment: pgpSulz883wdn.pgp
Description: PGP signature

Reply to:

References:
- Bug#651603: security-tracker: DSA-2362-1 vs. tracker
  - From: "Francesco Poli \(wintermute\)" <invernomuto@paranoici.org>

Prev by Date: Bug#651603: security-tracker: DSA-2362-1 vs. tracker
Next by Date: Bug#651603: marked as done (security-tracker: DSA-2362-1 vs. tracker)
Previous by thread: Bug#651603: security-tracker: DSA-2362-1 vs. tracker
Next by thread: Bug#651603: marked as done (security-tracker: DSA-2362-1 vs. tracker)
Index(es):
- Date
- Thread