[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Amarok CVE-2009-0135 and CVE-2009-0136

* Henri Salo <fgeek@hack.fi> [2009-01-19 17:13]:
> There is two different CVE IDs given to amarok's vulnerabilities:
> CVE-2009-0135 [1]
> CVE-2009-0136 [2]
> I beleive this DSA [3] is for the first CVE. Is there a need to patch
> the second one and if yes - what is the status of that process?

Both fixed in 1.4.4-4etch1, the CVE ids were not known when 
this package was released.

Nico Golde - http://www.ngolde.de - nion@jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.

Attachment: pgppD1X17_xqB.pgp
Description: PGP signature

Reply to: