Package: security.debian.org Severity: important DSA (the e-mail) states: For the stable distribution (stretch), these problems have been fixed in version 4.8.3+comet2+shim4.10.0+comet3-1+deb9u6.
However, apt downloads version
xen (4.8.3+xsa262+shim4.10.0+comet3-1+deb9u6) stretch-security;
urgency=high
In the PTS two versions are listed:
4.8.3+comet2+shim4.10.0+comet3-1+deb9u5 and
4.8.3+xsa262+shim4.10.0+comet3-1+deb9u6
So something looks fishy, although I do not get any signature failures
from apt / dpkg, which indicates that the delivery process was not
tampered with.
-- System Information:
Debian Release: 9.4
APT prefers stable
APT policy: (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
--
Dr. Helge Kreutzmann deb...@helgefjell.de
Dipl.-Phys. http://www.helgefjell.de/debian.php
64bit GNU powered gpg signed mail preferred
Help keep free software "libre": http://www.ffii.de/
signature.asc
Description: Digital signature
