Bug#777454: security-tracker: DSA-3155-1 vs. tracker

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#777454: security-tracker: DSA-3155-1 vs. tracker
From: "Francesco Poli \(wintermute\)" <invernomuto@paranoici.org>
Date: Sun, 08 Feb 2015 12:24:54 +0100
Message-id: <[🔎] 20150208112454.5782.59087.reportbug@homebrew>
Reply-to: "Francesco Poli \(wintermute\)" <invernomuto@paranoici.org>, 777454@bugs.debian.org

Package: security-tracker
Severity: normal

Hello everybody,
there seems to be something weird going on.

The tracker page [1] for DSA-3155-1 [2] looks OK: it states
that the vulnerabilities are fixed in wheezy by
postgresql-9.1/9.1.15-0+deb7u1 (in agreement with the DSA itself).

On the other hand, the CVE tracker pages [3][4][5][6], despite
being linked to DSA-3155-1, disagree with it, claiming that wheezy
is still vulnerable.

I thought that this was not even possible in the tracker!
Apparently I was wrong...
What did I fail to understand?

Please fix the tracker data.
Thanks for your time!

[1] https://security-tracker.debian.org/tracker/DSA-3155-1
[2] https://lists.debian.org/debian-security-announce/2015/msg00038.html
[3] https://security-tracker.debian.org/tracker/CVE-2014-8161
[4] https://security-tracker.debian.org/tracker/CVE-2015-0241
[5] https://security-tracker.debian.org/tracker/CVE-2015-0243
[6] https://security-tracker.debian.org/tracker/CVE-2015-0244

Reply to:

Follow-Ups:
- Bug#777454: marked as done (security-tracker: DSA-3155-1 vs. tracker)
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

Prev by Date: External check
Next by Date: Bug#777456: security-tracker: DSA-2978-2 vs. tracker
Previous by thread: DSA candidates
Next by thread: Bug#777454: marked as done (security-tracker: DSA-3155-1 vs. tracker)
Index(es):
- Date
- Thread