Re: moin 1.5.3-1.2etch1 and CVE-2006-0658

To: Jim Popovitch <yahoo@jimpop.com>, debian-security@lists.debian.org
Subject: Re: moin 1.5.3-1.2etch1 and CVE-2006-0658
From: Raphael Geissert <atomo64+debian@gmail.com>
Date: Sat, 22 Nov 2008 17:23:53 -0600
Message-id: <49289493.0309d00a.2d81.1886@mx.google.com>
References: <7ff145960811220928lc4990f8pba21e6f5d8bf80a8@mail.gmail.com>

Hi,

Jim Popovitch wrote:

> I'm seeing some inconsistencies floating around and reaching out here
> for some clarification.... ;-)
> 
> According to this source
>     http://idssi.enyo.de/tracker/CVE-2006-0658
> Etch "package moin is vulnerable".
> 
> However there is no mention of it here:
> http://bugs.debian.org/cgi-bin/pkgreport.cgi?src=moin.

> Is there a vulnerable bug or not?

Thanks for pointing that out. moin in stable isn't affected, so I've updated the
database accordingly (the tracker should reflect this change in a couple of
minutes).

> 
> Further, apt reports:
> 
>       Package moin is not available, but is referred to by another package.
>       This may mean that the package is missing, has been obsoleted, or
>       is only available from another source
>       However the following packages replace it:
>           moinmoin-common
> 

That's because moin is the source package name, see: apt-cache showsrc moin

Cheers,
-- 
Raphael Geissert - Debian Maintainer
www.debian.org - get.debian.net

Reply to:

References:
- moin 1.5.3-1.2etch1 and CVE-2006-0658
  - From: "Jim Popovitch" <yahoo@jimpop.com>

Prev by Date: moin 1.5.3-1.2etch1 and CVE-2006-0658
Next by Date: Fixes for HPLIP vulnerabilities in Etch?
Previous by thread: moin 1.5.3-1.2etch1 and CVE-2006-0658
Next by thread: Fixes for HPLIP vulnerabilities in Etch?
Index(es):
- Date
- Thread