* Francesco Poli <[EMAIL PROTECTED]> [2008-10-15 22:05:59 CEST]: > DSA-1653-1 [1] has been recently issued and a corresponding tracker > page [2] was added. > > However, it seems that there's an inconsistency between the > DSA and the tracker. > > The DSA [1] claims that all the CVEs are fixed in etch by > linux-2.6/2.6.18.dfsg.1-22etch3, while the tracker page for > CVE-2008-3276 [3] claims that etch is still vulnerable.
For completeness, CVE-2008-3525 lists linux-2.6.24 as unfixed, too. Thanks, Rhonda -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
