Bug#683921: security-tracker: DSA-2519-2 vs. tracker
Package: security-tracker
Severity: normal
Hi!
DSA-2519-2 has been issued [1], stating that the previously
announced security patches were not really applied to
isc-dhcp/4.1.1-P1-15+squeeze5, an issue that has been fixed
in isc-dhcp/4.1.1-P1-15+squeeze6.
[1] https://lists.debian.org/debian-security-announce/2012/msg00161.html
Hence, it is my understanding that isc-dhcp/4.1.1-P1-15+squeeze5
is still vulnerable to CVE-2011-4539, CVE-2012-3571, and CVE-2012-3954,
while isc-dhcp/4.1.1-P1-15+squeeze6 is fixed.
On the other hand, the tracker still seems to consider
isc-dhcp/4.1.1-P1-15+squeeze5 as fixed, and shows no trace of
DSA-2519-2 (the corresponding tracker page [2] still redirects
to the one for DSA-2519-1).
[2] http://security-tracker.debian.org/tracker/DSA-2519-2
Please update the tracker data.
Thanks again for your time!
Reply to: