Bug#703002: marked as done (security-tracker: DSA-2643-1 vs. tracker)

To: Salvatore Bonaccorso <carnil@debian.org>
Subject: Bug#703002: marked as done (security-tracker: DSA-2643-1 vs. tracker)
From: owner@bugs.debian.org (Debian Bug Tracking System)
Date: Thu, 14 Mar 2013 07:09:04 +0000
Message-id: <[🔎] handler.703002.D703002.136324471124920.ackdone@bugs.debian.org>
References: <20130314070500.GA8149@elende> <[🔎] 20130313224114.5090.79511.reportbug@homebrew>

Your message dated Thu, 14 Mar 2013 08:05:00 +0100
with message-id <20130314070500.GA8149@elende>
and subject line Re: Bug#703002: security-tracker: DSA-2643-1 vs. tracker
has caused the Debian Bug report #703002,
regarding security-tracker: DSA-2643-1 vs. tracker
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
703002: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=703002
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

To: Debian Bug Tracking System <submit@bugs.debian.org>

Subject: security-tracker: DSA-2643-1 vs. tracker

From: "Francesco Poli \(wintermute\)" <invernomuto@paranoici.org>

Date: Wed, 13 Mar 2013 23:41:14 +0100

Message-id: <[🔎] 20130313224114.5090.79511.reportbug@homebrew>
Package: security-tracker
Severity: normal

Hi,
DSA-2643-1 [1] states that several vulnerabilities have been fixed
for sid in puppet/2.7.18-3 .
The tracker seems to agree on all the corresponding CVE pages, but one!
Namely, CVE-2013-2274 [2] seems to be still considered unfixed for sid.

Which is wrong? The DSA or the tracker?

Please clarify and fix the tracker data, as appropriate.

Thanks for your time!

[1] https://lists.debian.org/debian-security-announce/2013/msg00048.html
[2] https://security-tracker.debian.org/tracker/CVE-2013-2274
--- End Message ---

--- Begin Message ---

To: "Francesco Poli (wintermute)" <invernomuto@paranoici.org>, 703002-done@bugs.debian.org

Subject: Re: Bug#703002: security-tracker: DSA-2643-1 vs. tracker

From: Salvatore Bonaccorso <carnil@debian.org>

Date: Thu, 14 Mar 2013 08:05:00 +0100

Message-id: <20130314070500.GA8149@elende>

In-reply-to: <[🔎] 20130313224114.5090.79511.reportbug@homebrew>

References: <[🔎] 20130313224114.5090.79511.reportbug@homebrew>
Hi Francesco

On Wed, Mar 13, 2013 at 11:41:14PM +0100, Francesco Poli (wintermute) wrote:
> Package: security-tracker
> Severity: normal
> 
> Hi,
> DSA-2643-1 [1] states that several vulnerabilities have been fixed
> for sid in puppet/2.7.18-3 .
> The tracker seems to agree on all the corresponding CVE pages, but one!
> Namely, CVE-2013-2274 [2] seems to be still considered unfixed for sid.
> 
> Which is wrong? The DSA or the tracker?
> 
> Please clarify and fix the tracker data, as appropriate.
> 
> Thanks for your time!

Thank you for noticing this. CVE-2013-2274 only affects puppet
2.6.x[1].

 [1]: https://puppetlabs.com/security/cve/cve-2013-2274/

I marked the info on our tracker accordingly.

Regards,
Salvatore
--- End Message ---

Reply to:

References:
- Bug#703002: security-tracker: DSA-2643-1 vs. tracker
  - From: "Francesco Poli \(wintermute\)" <invernomuto@paranoici.org>

Prev by Date: External check
Next by Date: External check
Previous by thread: Bug#703002: security-tracker: DSA-2643-1 vs. tracker
Next by thread: [prsc.debian.net] PRSC Fix accepted
Index(es):
- Date
- Thread