Please help with discrepancies in CVE-2011-3578

To: <debian-security-tracker@lists.debian.org>
Cc: <midget@debian.org>
Subject: Please help with discrepancies in CVE-2011-3578
From: <sils@powered-by-linux.com>
Date: Sat, 16 Jun 2012 00:40:33 +0200
Message-id: <[🔎] 439276f3a0145693b71a312a110793c7@localhost>

Hi Team,

I had prepared a new security-stable version for mantis package to fix
some new CVE's, and I found out that CVE-2011-3578 [1], patched on mantis
1.1.8+dfsg-10squeeze1, from 2011, was not yet updated in the security
tracker.

The CVE-2011-3578 was not yet assigned when the security package,
including the patch [2],
12-Fix-640297-LFI-XSS-injection-bug-action-group-1.diff [3], was uploaded
and fixed.

Please, could you update the tracker and fix it?

Thanks in advance,

Regards,

Sils

PS: please CC me, I'm not subscribed on the list.

[1] http://security-tracker.debian.org/tracker/CVE-2011-3578
[2]
http://packages.debian.org/changelogs/pool/main/m/mantis/mantis_1.1.8+dfsg-10squeeze1/changelog#version1.1.8_dfsg-10squeeze1
[3] http://patch-tracker.debian.org/package/mantis/1.1.8+dfsg-10squeeze1

Reply to:

Follow-Ups:
- Re: Please help with discrepancies in CVE-2011-3578
  - From: "Thijs Kinkhorst" <thijs@debian.org>

Prev by Date: External check
Next by Date: External check
Previous by thread: External check
Next by thread: Re: Please help with discrepancies in CVE-2011-3578
Index(es):
- Date
- Thread