Hi, * Henri Salo <firstname.lastname@example.org> [2009-01-19 17:13]: > There is two different CVE IDs given to amarok's vulnerabilities: > > CVE-2009-0135  > CVE-2009-0136  > > I beleive this DSA  is for the first CVE. Is there a need to patch > the second one and if yes - what is the status of that process? Both fixed in 1.4.4-4etch1, the CVE ids were not known when this package was released. Cheers Nico -- Nico Golde - http://www.ngolde.de - email@example.com - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.
Description: PGP signature