Hi, I noticed an interesting problem that squeeze-lts creates for debsecan.
debsecan (at least the version in squeeze) doesn't seem to know about libgnutls26 version 2.8.6-1+squeeze4, or even that it has the fixes from versions 2.8.6-1+squeeze3 and prior. It means that CVE-2014-3466 will remain as "Vulnerabilities without updates", and even old vulnerabilities are listed as affecting the installed libgnutls26 again, in the "New security updates" category. Is the security tracker expected to have data for squeeze-lts at some point, or should squeeze-lts users discontinue using debsecan? Thanks, Regards, -- Steven Chamberlain [email protected] -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: https://lists.debian.org/[email protected]
