Oh and I should have been talking about CVE-2011-5056 anyway. But I do think CVE-2011-5055 is resolved.
On 24/01/12 20:14, Nicholas Bamber wrote: > Moritz, > Actually it is acknowledged to be present in 2.0.04-*. > > On 24/01/12 19:05, Moritz Muehlenhoff wrote: >> On Tue, Jan 24, 2012 at 03:32:29PM +0000, Nicholas Bamber wrote: >>> Second attempt at preparing a fix for this issue. >>> >>> By the way CVE-2011-5055, as far as I can see, only applies to the >>> experimental release. That will be fixed when upstream issue a new >>> upstream 2.x release. Could the security page be updated to reflect that. >> >> I've updated the Security Tracker. >> >> Cheers, >> Moritz > > -- Nicholas Bamber | http://www.periapt.co.uk/ PGP key 3BFFE73C from pgp.mit.edu -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
