On Tue, 19 Mar 2013, Adam D. Barratt wrote:
On Tue, 2013-03-19 at 15:47 -0400, Benjamin Kaduk wrote:
reopen 702633
Why? Do you believe that the 1.10.1+dfsg-4+nmu1 package does not contain
a fix for this bug?
The changelog entry for 1.10.1+dfsg-4+nmu1 mentions the wrong CVE number,
and as such the purpoted "fix" for this bug is incomplete, as the
documentation of the change is incorrect. Now, it may be that the package
maintainer or the security team may decide that a version bump is not
necessary to correct this error, but such a decision should be explicitly
made (IMHO).
If the answer to my first question is "because it's not fixed in stable
yet", then the re-opening was incorrect, as the actual effect was to
mark it as not fixed in _unstable_.
My action of reopening the bug reflects the contents of the package in
unstable.
-Ben Kaduk
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org