Bug#738202: marked as done (security-tracker: DSA-2856-1 vs. tracker)

Sat, 08 Feb 2014 09:27:56 -0800 

Your message dated Sat, 8 Feb 2014 18:23:20 +0100
with message-id <20140208172320.GA18060@eldamar.local>
and subject line Re: Bug#738202: security-tracker: DSA-2856-1 vs. tracker
has caused the Debian Bug report #738202,
regarding security-tracker: DSA-2856-1 vs. tracker
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
738202: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=738202
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message --- 
Package: security-tracker
Severity: normal

Hello,
DSA-2856-1 [1] states that CVE-2014-0050 is fixed in oldstable and
stable security updates for libcommons-fileupload-java.

[1] https://lists.debian.org/debian-security-announce/2014/msg00026.html

The tracker seems to agree on its DSA page [2], but seems to miss the
link with the CVE. As a consequence the CVE page [3] still shows
libcommons-fileupload-java as vulnerable in oldstable (security) and
stable (security)...

[2] https://security-tracker.debian.org/tracker/DSA-2856-1
[3] https://security-tracker.debian.org/tracker/CVE-2014-0050

Please update the tracker data accordingly.

Thanks for your time!
Bye.

--- End Message ---
--- Begin Message --- 
HI Franceso,

On Sat, Feb 08, 2014 at 05:10:09PM +0100, Francesco Poli (wintermute) wrote:
> Package: security-tracker
> Severity: normal
> 
> Hello,
> DSA-2856-1 [1] states that CVE-2014-0050 is fixed in oldstable and
> stable security updates for libcommons-fileupload-java.
> 
> [1] https://lists.debian.org/debian-security-announce/2014/msg00026.html
> 
> The tracker seems to agree on its DSA page [2], but seems to miss the
> link with the CVE. As a consequence the CVE page [3] still shows
> libcommons-fileupload-java as vulnerable in oldstable (security) and
> stable (security)...
> 
> [2] https://security-tracker.debian.org/tracker/DSA-2856-1
> [3] https://security-tracker.debian.org/tracker/CVE-2014-0050
> 
> Please update the tracker data accordingly.

Thanks, it is fixed now.

Regards,
Salvatore

--- End Message ---

Reply via email to