gtk+2.0 2.6.4-3.1 (DSA 911-1)-- patch for CVE-2005-2976 not included?

To: debian-security@lists.debian.org
Subject: gtk+2.0 2.6.4-3.1 (DSA 911-1)-- patch for CVE-2005-2976 not included?
From: James Strandboge <jamie@strandboge.com>
Date: Tue, 06 Dec 2005 22:13:24 -0500
Message-id: <[🔎] 1133925204.31772.3.camel@localhost.localdomain>

In reviewing the changelog and source for gtk+2.0, CVE-2005-3186 and
CVE-2005-2975 are explicitly mentioned (and have patches in
debian/patches).  However, CVE-2005-2976 is not mentioned in the
changelog and does not have a separate patch in debian/patches, though
it is mentioned in the DSA.  Is this an oversight in the changelog or
was the patch not included? 

Thanks

-- 
James Strandboge
jamie@strandboge.com

Reply to:

Follow-Ups:
- Re: gtk+2.0 2.6.4-3.1 (DSA 911-1)-- patch for CVE-2005-2976 not included?
  - From: Moritz Muehlenhoff <jmm@inutil.org>

Prev by Date: Re: Question about iptables
Next by Date: Re: Re: Clear screen question
Previous by thread: Re: Question about iptables
Next by thread: Re: gtk+2.0 2.6.4-3.1 (DSA 911-1)-- patch for CVE-2005-2976 not included?
Index(es):
- Date
- Thread