Bug#703002: security-tracker: DSA-2643-1 vs. tracker

["Francesco Poli \(wintermute\)" <invernomuto@paranoici.org>]

Package: security-tracker
Severity: normal

Hi,
DSA-2643-1 [1] states that several vulnerabilities have been fixed
for sid in puppet/2.7.18-3 .
The tracker seems to agree on all the corresponding CVE pages, but one!
Namely, CVE-2013-2274 [2] seems to be still considered unfixed for sid.

Which is wrong? The DSA or the tracker?

Please clarify and fix the tracker data, as appropriate.

Thanks for your time!

[1] https://lists.debian.org/debian-security-announce/2013/msg00048.html
[2] https://security-tracker.debian.org/tracker/CVE-2013-2274