Hi, On Wed, Feb 17, 2016 at 07:16:20PM +0100, Santiago Ruano Rincón wrote: > Hi Guido, > > El 17/02/16 a las 17:13, Guido Günther escribió: > > Hi Santiago, > > On Wed, Feb 17, 2016 at 11:21:04AM +0100, [email protected] wrote: > > > Package : gtk+2.0 > > > Version : 2.20.1-2+deb6u1 > > > CVE ID : CVE-2013-7447 > > > Debian Bug : 799275 > > > > This doesn't seem to be reflected in data/CVE/list. Did you forget to > > commit your changes? > > Actually, I didn't forget it. Look at data/DLA/list: > > [17 Feb 2016] DLA-419-1 gtk+2.0 - security update > {CVE-2013-7447} > [squeeze] - gtk+2.0 2.20.1-2+deb6u1 > > Doesn't sectracker automatically updates data/CVE/list?
Just to confirm: yes the security-tracker builds the cross reference (no need to do that by hand there). I just checked the CVE-2013-7447 entry and looks correct to me. Guido do you mean something else? Regards, Salvatore
