Re: Missing package in Debian Security Tracker site
On Tue, Oct 13, 2015 at 05:08:39PM +0800, Xiaoguang Bai wrote:
> For DSA-3348-1, the information in following 2 sources does not match. The
> security tracker site does not show the fixed package/version for wheezy.
> Actually, I have noticed quite a few of differences between the DSA mailing
> list and this tracker site. Should they match each other? May I know what
> might be the reason if they are different?
This is sort of current limitation for the security-tracker when you
have not overlapping fixing versions. The free text form explains that
only two CVEs affect wheezy. If you then check the CVEs explicitly,
this has the correct information (which cannot be displayed correctly
for DSA-3348-1 overview page regarding the versions).