Hi Guido, On Fri, Nov 25, 2005 at 10:55:48AM +0100, Guido Trotter wrote: > > Hi! > > You wrote two times in the changelog that this issue is resolved: > > Changes: > inkscape (0.43-1) unstable; urgency=high > > * urgency=high since this version fixes the buffer overflow discovered by > Joxean Koret (see CVE-2005-3737, debian bug 330894). > > Changes: > inkscape (0.42.2+0.43pre1-1) unstable; urgency=low > > * Just for the record: inkscape version 0.42 and newer is not vulnerable to > the security bug mentioned in Bug #321501. > > > So I'm wondering: why can't this bug be closed, with the appropriate version > tag? > This would also help migrating inkscape into testing, which it cannot do till > this bug remains open... Yes, you are right. My thinking was that I close this bug when it is fixed in stable, too. But I see that this was wrong.
Thanks Steve for closing, I hope the security team will upload the fixed version I sent them to sarge. > > Thanks, > > Guido > With best wishes, Wolfi
signature.asc
Description: Digital signature