CVE-2009-1284
Dear security team,
on the tracker page
http://security-tracker.debian.org/tracker/CVE-2009-1284
I see that texlive-bin 2009-1 is still listed as vulnerable.
We did close the bug 520920, but probably we should add the CVE string
to close this bug.
Now my question: If for the next upload we edit the old changelog entry
will that be enough, or is there anything else we should/need to do?
Then, for stable: Do you want us to prepare a security update for lenny?
For sid/testing I would prefer to just leave it like it is, since after
a certain testing phase we want to get the 2009 packages into unstable
anyway.
Please tell us about your preferences, and thanks a lot for your good work
Norbert
-------------------------------------------------------------------------------
Dr. Norbert Preining Associate Professor
JAIST Japan Advanced Institute of Science and Technology preining@jaist.ac.jp
Vienna University of Technology preining@logic.at
Debian Developer (Debian TeX Task Force) preining@debian.org
gpg DSA: 0x09C5B094 fp: 14DF 2E6C 0307 BE6D AD76 A9C0 D2BF 4AA3 09C5 B094
-------------------------------------------------------------------------------
CLATHY (adj.)
Nervously indecisive about how safely to dispose of a dud lightbulb.
--- Douglas Adams, The Meaning of Liff
Reply to: