Your message dated Sun, 8 Feb 2015 15:04:49 +0100 with message-id <20150208140449.GA3429@eldamar.local> and subject line Re: Bug#777456: security-tracker: DSA-2978-2 vs. tracker has caused the Debian Bug report #777456, regarding security-tracker: DSA-2978-2 vs. tracker to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 777456: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777456 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: security-tracker: DSA-2978-2 vs. tracker
- From: "Francesco Poli \(wintermute\)" <invernomuto@paranoici.org>
- Date: Sun, 08 Feb 2015 12:35:56 +0100
- Message-id: <[🔎] 20150208113556.5951.52565.reportbug@homebrew>
Package: security-tracker Severity: normal Hello again, there seems to be a typo in the tracker page for CVE-2014-3660 [1]: it states that the vulnerability is fixed in jessie by libxml2/2.9.1+dfsg1-5 , while DSA-2978-2 [2] says that the fixed version is 2.9.1+dfsg1-4 ... Please fix the tracker data, if this is really a typo. Thanks for your time! [1] https://security-tracker.debian.org/tracker/CVE-2014-3660 [2] https://lists.debian.org/debian-security-announce/2015/msg00039.html
--- End Message ---
--- Begin Message ---
- To: Francesco Poli <invernomuto@paranoici.org>, 777456-done@bugs.debian.org
- Subject: Re: Bug#777456: security-tracker: DSA-2978-2 vs. tracker
- From: Salvatore Bonaccorso <carnil@debian.org>
- Date: Sun, 8 Feb 2015 15:04:49 +0100
- Message-id: <20150208140449.GA3429@eldamar.local>
- In-reply-to: <[🔎] 20150208144352.2db1fad042a4402ff81a4bbd@paranoici.org>
- References: <[🔎] 20150208113556.5951.52565.reportbug@homebrew> <[🔎] 20150208125836.GA27762@eldamar.local> <[🔎] 20150208144352.2db1fad042a4402ff81a4bbd@paranoici.org>
Hi Francesco, Thanks for your quick follow-up, really appreicated! On Sun, Feb 08, 2015 at 02:43:52PM +0100, Francesco Poli wrote: > On Sun, 8 Feb 2015 13:58:36 +0100 Salvatore Bonaccorso wrote: > > [...] > > The situation for the update in DSA-2978-2 is actually a bit > > complicated. > [...] > > I see... > > > So I would say (unless I now missed something) all the versions in > > tracker are correct (apart we should have delayed adding 2.9.1+dfsg1-5 > > already, since it is not yet approved), > > Yep, I agree. > > [...] > > So I would tend to close this bug, right away, or wait until > > 2.9.1+dfsg1-5 is accepted into jessie via t-p-u, > > Please feel free to do as you prefer. > The tracker is not incorrect, it just talks about a not-yet-available > version... > I hope that version gets accepted soon into t-p-u. I hope so as well. So I'm closing this bugreport. Thanks for your continous contributions to have these glitches in tracker data fixed! Salvatore
--- End Message ---