On Tue, 14 Apr 2009 02:23:09 am Francesco Poli wrote: > Hi all, > > DSA-1770-1 [1] has just been issued, and the corresponding tracker page > [2] has been created. > There's something strange, though. > The DSA says that the two vulnerabilities are fixed for etch in version > 4.1.3-4etch1, while the CVE tracker pages [3][4] say that version > 4.1.3-4etch1 is for *lenny (security)* and still vulnerable... > > I cannot understand what's wrong. > > [1] http://lists.debian.org/debian-security-announce/2009/msg00081.html > [2] http://security-tracker.debian.net/tracker/DSA-1770-1 > [3] http://security-tracker.debian.net/tracker/CVE-2008-4182 > [4] http://security-tracker.debian.net/tracker/CVE-2009-0930 > > P.S.: Please Cc: me on replies, as I am not a list subscriber. Thanks. I've already notified ftpmaster and they should fix it soon. The package had the wrong distribution in the changelog.
Thanks for reporting. Cheers Steffen -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
