> Actually, debsecan should be able to deal with this situation. > > I guess that CVE-2007-4560 is an example for this kind of problem. > We've marked it as fixed in version 0.91.2-1, but volatile contains > 0.91.2-0volatile1, which is less than that. I suppose we could mark > it as fixed in 0.91.2, which would cover both cases (and wouldn't > introduce a false negative if this bug was in fact fixed upstream). >
That's great. Thanks both of you for the replies. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
