Debian Bug Tracking System
Fri, 03 Feb 2012 15:30:31 -0800
Your message dated Fri, 3 Feb 2012 18:28:09 -0500 with message-id <CANTw=mmshknzfeny3ta-nr9rtx91t9kykgbqw926nasbsdf...@mail.gmail.com> and subject line Re: Bug#658545: security-tracker: DSA-2401-1 vs. tracker has caused the Debian Bug report #658545, regarding security-tracker: DSA-2401-1 vs. tracker to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 658545: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=658545 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: security-tracker Severity: normal Hello! DSA-2401-1 [1] claims that a number of referenced vulnerabilities are fixed in sid by tomcat6/6.0.35-1 However, two vulnerabilities (CVE-2011-3190 [2] and CVE-2011-4858 [3]) out of the 10 referenced ones are shown as not fixed in sid and wheezy on the tracker. Is the DSA wrong or is the tracker incorrect? In the latter case, please fix the tracker data. Otherwise, please clarify. Thanks for your time! [1] http://lists.debian.org/debian-security-announce/2012/msg00025.html [2] http://security-tracker.debian.org/tracker/CVE-2011-3190 [3] http://security-tracker.debian.org/tracker/CVE-2011-4858
--- End Message ---
--- Begin Message ---> Is the DSA wrong or is the tracker incorrect? > In the latter case, please fix the tracker data. > Otherwise, please clarify. The DSA is correct. The tracker is now fixed. Thanks, Mike
--- End Message ---