[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#985427: Wrong DLA number for spice CVEs


在 2021-03-18星期四的 07:15 +0100,Salvatore Bonaccorso写道:
> For the record, the security-tracker ships the authoritative
> assignment, they are:
> [31 Aug 2018] DLA-1488-1 mariadb-10.0 - security update
>         {CVE-2018-3058 CVE-2018-3063 CVE-2018-3064 CVE-2018-3066}
>         [jessie] - mariadb-10.0 10.0.36-0+deb8u1
> [31 Aug 2018] DLA-1486-1 spice - security update
>         {CVE-2018-10873}
>         [jessie] - spice 0.12.5-1+deb8u6
> https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ec38e10ec1289c204c18999585bcbf7967ad7413
> and
> https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bdaa7f41280c397e155037320704cde369172aae
> So the wepage of DLA 1488 should just be correct to for the mariadb-
> 10.0
> announcement. (The spice DLA seems to have been sent out twice).

I'd be glad to apply the fix if anyone provides a patch or a Merge
Request targeting this issue for
https://salsa.debian.org/webmaster-team/webwml/ repository.

Boyuan Yang

Attachment: signature.asc
Description: This is a digitally signed message part

Reply to: