Bug#985427: Wrong DLA number for spice CVEs

To: "submit@bugs.debian.org" <submit@bugs.debian.org>
Subject: Bug#985427: Wrong DLA number for spice CVEs
From: Petr Perminov <pperminov@ptsecurity.com>
Date: Thu, 18 Mar 2021 05:40:42 +0000
Message-id: <[🔎] a82f4255b99347ac89312804b0ff416a@ptsecurity.com>
Reply-to: Petr Perminov <pperminov@ptsecurity.com>, 985427@bugs.debian.org

Package: www.debian.org

Severity: normal

-- System Information:

Debian Release: 10.4

APT prefers stable-updates

APT policy: (500, 'stable-updates'), (500, 'stable')

Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-9-amd64 (SMP w/4 CPU cores)

Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE

Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8)

Shell: /bin/sh linked to /usr/bin/dash

Init: systemd (via /run/systemd/system)

LSM: AppArmor: enabled

You have DLA for mariadb package (https://lists.debian.org/debian-lts-announce/2018/08/msg00036.html)

and DLA for spice package (https://lists.debian.org/debian-lts-announce/2018/08/msg00037.html),

but on the following pages you have wrong DLA number / links:

https://lists.debian.org/debian-lts-announce/2018/08/msg00035.html

and wrong content here:

https://www.debian.org/lts/security/2018/dla-1488 (it copies https://www.debian.org/lts/security/2018/dla-1486)

Reply to:

Follow-Ups:
- Bug#985427: Wrong DLA number for spice CVEs
  - From: Salvatore Bonaccorso <carnil@debian.org>

Prev by Date: Re: https://www.debian.org/mirror/list debian.inode.at 403 Forbidden
Next by Date: Bug#985427: Wrong DLA number for spice CVEs
Previous by thread: Re: Re: Google Groups should not be recommended since Google pushed the service behind login
Next by thread: Bug#985427: Wrong DLA number for spice CVEs
Index(es):
- Date
- Thread