Bug#803591: marked as done (security-tracker: DSA-3381-1 vs. tracker)
Your message dated Sun, 1 Nov 2015 05:53:26 +0100
with message-id <20151101045326.GA24620@eldamar.local>
and subject line Re: Bug#803591: security-tracker: DSA-3381-1 vs. tracker
has caused the Debian Bug report #803591,
regarding security-tracker: DSA-3381-1 vs. tracker
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)
--
803591: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=803591
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: security-tracker: DSA-3381-1 vs. tracker
- From: "Francesco Poli \(wintermute\)" <invernomuto@paranoici.org>
- Date: Sat, 31 Oct 2015 16:52:01 +0100
- Message-id: <144630672115.8730.15753794881012372618.reportbug@sleepy>
Package: security-tracker
Severity: normal
Hello everybody!
DSA-3381-1 [1] states that several vulnerabilities are fixed in
openjdk-7/7u85-2.6.1-5 for sid, but the tracker [2] claims that many
of those vulnerabilities are only fixed in openjdk-7/7u85-2.6.1-6 .
Is that a typo in the DSA or should the tracker data be updated?
Moreover the tracker claims [3] that one of the vulnerabilities
(CVE-2015-4871) is unfixed in sid.
Again: is the DSA wrong or should the tracker data be updated?
Please clarify, thanks for your time!
[1] https://lists.debian.org/debian-security-announce/2015/msg00280.html
[2] see links for CVE ids in
https://security-tracker.debian.org/tracker/DSA-3381-1
[3] https://security-tracker.debian.org/tracker/CVE-2015-4871
--- End Message ---
--- Begin Message ---
- To: "Francesco Poli (wintermute)" <invernomuto@paranoici.org>, 803591-done@bugs.debian.org
- Subject: Re: Bug#803591: security-tracker: DSA-3381-1 vs. tracker
- From: Salvatore Bonaccorso <carnil@debian.org>
- Date: Sun, 1 Nov 2015 05:53:26 +0100
- Message-id: <20151101045326.GA24620@eldamar.local>
- In-reply-to: <144630672115.8730.15753794881012372618.reportbug@sleepy>
- References: <144630672115.8730.15753794881012372618.reportbug@sleepy>
On Sat, Oct 31, 2015 at 04:52:01PM +0100, Francesco Poli (wintermute) wrote:
> Package: security-tracker
> Severity: normal
>
> Hello everybody!
>
> DSA-3381-1 [1] states that several vulnerabilities are fixed in
> openjdk-7/7u85-2.6.1-5 for sid, but the tracker [2] claims that many
> of those vulnerabilities are only fixed in openjdk-7/7u85-2.6.1-6 .
> Is that a typo in the DSA or should the tracker data be updated?
I have updated the wepage to reflect the correct version for sid now
as well (cf. https://www.debian.org/security/2015/dsa-3381)
There will be a regression update for jessie-security soon.
So closing this bugreport now.
Thanks for your time doublechecking the entries!
Regards,
Salvatore
--- End Message ---
Reply to: