debsecan vs. debian-volatile

To: debian-security@lists.debian.org
Subject: debsecan vs. debian-volatile
From: "Aneurin Price" <aneurin.price@gmail.com>
Date: Mon, 3 Sep 2007 14:17:24 +0100
Message-id: <[🔎] 501db8660709030617i461624e3v343d34af888a4961@mail.gmail.com>

Hi all, I hope this question is appropriate for this list. Feel free
to chide me appropriately if not :P.

I'm running sarge with clamav from debian-volatile, and debsecan
reports some vulnerabilities with it. I'm fairly sure that the version
I have installed (0.91.2-0volatile1) is in fact okay, and that the
problem is simply that debsecan doesn't understand volatile - based on
the vulnerability descriptions which seem to be telling me that the
vulnerabilities are fixed in the version I'm using.

I would however be grateful if anybody could confirm this to be the
case - or point out if I'm wrong.

Thanks for your time,
Aneurin Price

Reply to:

Follow-Ups:
- Re: debsecan vs. debian-volatile
  - From: Stephen Gran <sgran@debian.org>
- Re: debsecan vs. debian-volatile
  - From: Florian Weimer <fw@deneb.enyo.de>

Prev by Date: Re: fail2ban vs. syslogd compression
Next by Date: Re: debsecan vs. debian-volatile
Previous by thread: Re: fail2ban vs. syslogd compression
Next by thread: Re: debsecan vs. debian-volatile
Index(es):
- Date
- Thread