Package: security-tracker Severity: normal Hello everybody!
DSA-3381-1 [1] states that several vulnerabilities are fixed in openjdk-7/7u85-2.6.1-5 for sid, but the tracker [2] claims that many of those vulnerabilities are only fixed in openjdk-7/7u85-2.6.1-6 . Is that a typo in the DSA or should the tracker data be updated? Moreover the tracker claims [3] that one of the vulnerabilities (CVE-2015-4871) is unfixed in sid. Again: is the DSA wrong or should the tracker data be updated? Please clarify, thanks for your time! [1] https://lists.debian.org/debian-security-announce/2015/msg00280.html [2] see links for CVE ids in https://security-tracker.debian.org/tracker/DSA-3381-1 [3] https://security-tracker.debian.org/tracker/CVE-2015-4871
