Hi Henri, thanks for your explanation.
On Mon, Jun 25, 2012 at 02:45:57PM +0300, Henri Salo wrote: > On Mon, Jun 25, 2012 at 09:49:08AM +0200, Marc Haber wrote: > > a colleague pointed me to the release notes of python 2.6.8, where the > > following security issues are listed being fixed: > > > > * oCERT-2011-003, CVE-2012-1150, hash collision denial of service) "[squeeze] - python2.6 <no-dsa> (Minor issue)" means that there will be no DSA because the issue is so minor that the team decided not to bother? > > * CVE-2011-3389, disabling of the CBC IV attack countermeasure in the _ssl > > module phyton is not listed in http://security-tracker.debian.org/tracker/CVE-2011-3389, does that mean that nobody yet identified python as being affected? How can python be added here? Greetings Marc -- ----------------------------------------------------------------------------- Marc Haber | "I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things." Winona Ryder | Fon: *49 621 31958061 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 31958062 -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
