Package: debsecan Version: 0.4.10+nmu1 Severity: normal If I am reading the reports correctly, CVE-2008-0166 was correctly fixed in lenny, sid and lenny-security, so I think this is a bug on your side.
I am less sure about CVE-2007-6206, where debsecan is reporting that libsensors3 is vulnerable, but it isn't on the list here: http://security-tracker.debian.net/tracker/CVE-2007-6206 I see the etch entry, but maybe your code is looking for a lenny/fixed statement and it isn't there. I am not sure if that is a bug on your side or on the tracker side. Thank you. -- System Information: Debian Release: lenny/sid APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.24-1-686 (SMP w/2 CPU cores) Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ANSI_X3.4-1968) (ignored: LC_ALL set to C) Shell: /bin/sh linked to /bin/bash Versions of packages debsecan depends on: ii debconf [debconf-2.0] 1.5.22 Debian configuration management sy ii python 2.5.2-1 An interactive high-level object-o ii python-apt 0.7.5 Python interface to libapt-pkg Versions of packages debsecan recommends: ii cron 3.0pl1-104 management of regular background p ii postfix [mail-transport-agent 2.5.2-1 High-performance mail transport ag -- debconf information: * debsecan/source: * debsecan/mailto: root * debsecan/report: true * debsecan/suite: lenny -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]