Hi,

On Thu, May 16, 2019 at 09:53:36AM +0530, Gunjan Gupta wrote:
> Hi Paul,
> 
> The changelog of the latest rsync package available in stretch does say
> that these are fixed, but I can still see that stretch is shown as
> vulnerable on the security tracker.
> 
> https://security-tracker.debian.org/tracker/CVE-2016-9840
> 
> If these are fixed, could you please get the security tracker updated?

YOu are right the CVE-2016-9840 patch seems to be applied as well in
the stretch point release update.

I have updated the security-tracker information.

Regards,
Salvatore

Reply via email to