Bug#803591: security-tracker: DSA-3381-1 vs. tracker

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#803591: security-tracker: DSA-3381-1 vs. tracker
From: "Francesco Poli \(wintermute\)" <invernomuto@paranoici.org>
Date: Sat, 31 Oct 2015 16:52:01 +0100
Message-id: <[🔎] 144630672115.8730.15753794881012372618.reportbug@sleepy>
Reply-to: "Francesco Poli \(wintermute\)" <invernomuto@paranoici.org>, 803591@bugs.debian.org

Package: security-tracker
Severity: normal

Hello everybody!

DSA-3381-1 [1] states that several vulnerabilities are fixed in
openjdk-7/7u85-2.6.1-5 for sid, but the tracker [2] claims that many
of those vulnerabilities are only fixed in openjdk-7/7u85-2.6.1-6 .
Is that a typo in the DSA or should the tracker data be updated?

Moreover the tracker claims [3] that one of the vulnerabilities
(CVE-2015-4871) is unfixed in sid.
Again: is the DSA wrong or should the tracker data be updated?

Please clarify, thanks for your time!


[1] https://lists.debian.org/debian-security-announce/2015/msg00280.html
[2] see links for CVE ids in
    https://security-tracker.debian.org/tracker/DSA-3381-1
[3] https://security-tracker.debian.org/tracker/CVE-2015-4871

Reply to:

Follow-Ups:
- Bug#803591: security-tracker: DSA-3381-1 vs. tracker
  - From: Salvatore Bonaccorso <carnil@debian.org>

Prev by Date: Re: data/CVE/list color
Next by Date: Processed: tagging 803591
Previous by thread: Re: data/CVE/list color
Next by thread: Bug#803591: security-tracker: DSA-3381-1 vs. tracker
Index(es):
- Date
- Thread