Version Numbers in DSAs
Hi there,

I'm having a bit of trouble with version numbers reported in DSAs. We keep our stable systems patched by updating against security.debian.org but have an external audit process, which compares the versions of installed packages with the versions reported as fixed in each DSA.

The problem is that the versions reported in the DSA are often missing the epoch; take for example the bind9 DSA-1847 which says that the problem is fixed in version 9.5.1.dfsg.P3-1 when the version on my patched Lenny system is actually 1:9.5.1.dfsg.P3-1. If I hadn't applied the patch, I'd be running an earlier version (say 1:9.5.1), which dpkg --compare-versions would still show as being more recent than the "fixed" version reported in the DSA.

Is it possible to include the epoch in the version number reported in the DSA, so it matches the actual version field of the Debian package which includes the fix? I presume this is simply a bug in the automated DSA issuing process...

Cheers,
Alex
--
Alex Page
Senior Systems Administrator, Systems & Technology Group Manchester
Lab, IBM UK
Phone: +44 (0) 161 836 2300
Unless stated otherwise above:
IBM United Kingdom Limited - Registered in England and Wales with number
741598.
Registered office: PO Box 41, North Harbour, Portsmouth, Hampshire PO6
3AU