Thank you for the quick reply.
Will this happen for all the DSAs with partial CVEs for a distro?
Is there any other limitations to the tracker site?
By the way, is there a DSA index page for the tracker site?
On Tue, Oct 13, 2015 at 05:08:39PM +0800, Xiaoguang Bai wrote:
> For DSA-3348-1, the information in following 2 sources does not match. The
> security tracker site does not show the fixed package/version for wheezy.
> Actually, I have noticed quite a few of differences between the DSA mailing
> list and this tracker site. Should they match each other? May I know what
> might be the reason if they are different?
This is sort of current limitation for the security-tracker when you
have not overlapping fixing versions. The free text form explains that
only two CVEs affect wheezy. If you then check the CVEs explicitly,
this has the correct information (which cannot be displayed correctly
for DSA-3348-1 overview page regarding the versions).