Hi, * Henri Salo <fgeek@hack.fi> [2009-01-19 17:13]: > There is two different CVE IDs given to amarok's vulnerabilities: > > CVE-2009-0135 [1] > CVE-2009-0136 [2] > > I beleive this DSA [3] is for the first CVE. Is there a need to patch > the second one and if yes - what is the status of that process? Both fixed in 1.4.4-4etch1, the CVE ids were not known when this package was released. Cheers Nico -- Nico Golde - http://www.ngolde.de - nion@jabber.ccc.de - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.
Attachment:
pgppD1X17_xqB.pgp
Description: PGP signature