Bug#683921: security-tracker: DSA-2519-2 vs. tracker

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#683921: security-tracker: DSA-2519-2 vs. tracker
From: "Francesco Poli \(wintermute\)" <invernomuto@paranoici.org>
Date: Sun, 05 Aug 2012 14:51:26 +0200
Message-id: <[🔎] 20120805125126.6203.92101.reportbug@homebrew>
Reply-to: "Francesco Poli \(wintermute\)" <invernomuto@paranoici.org>, 683921@bugs.debian.org

Package: security-tracker
Severity: normal

Hi!

DSA-2519-2 has been issued [1], stating that the previously
announced security patches were not really applied to
isc-dhcp/4.1.1-P1-15+squeeze5, an issue that has been fixed
in isc-dhcp/4.1.1-P1-15+squeeze6.

[1] https://lists.debian.org/debian-security-announce/2012/msg00161.html

Hence, it is my understanding that isc-dhcp/4.1.1-P1-15+squeeze5
is still vulnerable to CVE-2011-4539, CVE-2012-3571, and CVE-2012-3954,
while isc-dhcp/4.1.1-P1-15+squeeze6 is fixed.

On the other hand, the tracker still seems to consider
isc-dhcp/4.1.1-P1-15+squeeze5 as fixed, and shows no trace of
DSA-2519-2 (the corresponding tracker page [2] still redirects
to the one for DSA-2519-1).

[2] http://security-tracker.debian.org/tracker/DSA-2519-2

Please update the tracker data.

Thanks again for your time!

Reply to:

Follow-Ups:
- Bug#683921: marked as done (security-tracker: DSA-2519-2 vs. tracker)
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

Prev by Date: Bug#683916: security-tracker: DSA-2520-1 vs. tracker
Next by Date: Bug#683922: security-tracker: DSA-2521-1 vs. tracker
Previous by thread: Bug#683916: marked as done (security-tracker: DSA-2520-1 vs. tracker)
Next by thread: Bug#683921: marked as done (security-tracker: DSA-2519-2 vs. tracker)
Index(es):
- Date
- Thread