Re: ecartis?

To: debian-security@lists.debian.org
Cc:
Subject: Re: ecartis?
From: Blars Blarson <blarson@blars.org>
Date: Fri, 2 Apr 2004 13:34:32 -0800
Message-id: <[🔎] 200404022134.i32LYWt2029575@renig.nat.blars.org>
In-reply-to: <[🔎] 20040402112303.GA22961@forumakad.pl>

In article <[🔎] 20040402112303.GA22961@forumakad.pl> eyck@forumakad.pl writes:
>Hi, 
> there are still two critical bugs filed against ecartis, one is 1 year
>old, another is 203 days old.  Second one seems to have been closed, and
>then reopened. 
> Does this mean ecartis is still vulnerable ( I don't care about first,
> postfix-related too much, but it's still depressing )...?

Both bugs have been fixed in unstable for a long time.

The security team recently fixed the security problems in DSA-467-1, but
forgot to close the associated bug 210444.  I am doing so now.

As the current maintainer of the debian ecartis package, I was happy
to see the DSA for the long-standing bugs.  I had looked at building
patches, but the information on the ecartis web site was incomplete
and the standard policy is not to allow new releases in stable.  The
security team did not consult me before doing the DSA.  (They may have
consulted one of the previous maintainers.)

It is possible they may have fixed the other bug at the same time.
-- 
Blars Blarson			blarson@blars.org
				http://www.blars.org/blars.html
With Microsoft, failure is not an option.  It is a standard feature.

Reply to:

References:
- ecartis?
  - From: Dariush Pietrzak <eyck@forumakad.pl>

Prev by Date: ecartis?
Next by Date: Re: Unavailable Delivery : Mail was rejected
Previous by thread: ecartis?
Next by thread: Re: Unavailable Delivery : Mail was rejected
Index(es):
- Date
- Thread