Package: debsecan Version: 0.4.2 Severity: normal Perhaps I am not understanding the output of the cron job, that lists:
... *** Vulnerabilities without updates CVE-2005-1127 Format string vulnerability in the log function in... <http://idssi.enyo.de/tracker/CVE-2005-1127> - postgrey (remotely exploitable) ... The page http://idssi.enyo.de/tracker/CVE-2005-1127 lists testing as not vulnerable. Is it a problem of testing vs. etch? I do also see that postgrey is not explicitly listed as fixed in testing or unstable. >dpkg -s postgrey Version: 1.27-1 >dpkg -s libnet-server-perl Version: 0.90-1 Thanks. -- System Information: Debian Release: testing/unstable APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.11.7 Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ANSI_X3.4-1968) (ignored: LC_ALL set to C) Versions of packages debsecan depends on: ii debconf [debconf-2.0] 1.5.4 Debian configuration management sy ii python 2.4.3-11 An interactive high-level object-o Versions of packages debsecan recommends: ii cron 3.0pl1-97 management of regular background p ii postfix [mail-transport-agent 2.3.3-1 A high-performance mail transport -- debconf information: * debsecan/report: true * debsecan/suite: etch -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
