Bug#773322: security-tracker: DSA-3104-1 vs. tracker
Package: security-tracker
Severity: normal
Hello!
DSA-3104-1 [1] states, in part:
| An older security vulnerability, CVE-2004-2771, had already
| been addressed in the Debian's bsd-mailx package.
However, the tracker [2] seems to disagree, as it claims that
all versions of bsd-mailx in Debian are currently vulnerable...
I think the problem is an extra epoch in the (unstable) fixed
version for bsd-mailx: this time the epoch is in the tracker data,
but not in the actual package versions (contrary to the usual
missing epoch issues that I frequently spot!).
Please fix the tracker data.
Thanks for your time!
[1] https://lists.debian.org/debian-security-announce/2014/msg00294.html
[2] https://security-tracker.debian.org/tracker/CVE-2004-2771
Reply to: