Hi, On Thu, Apr 24, 2014 at 10:05:08AM -0400, charlie derr wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > On 04/22/2014 11:25 AM, Moritz Muehlenhoff wrote: > > ------------------------------------------------------------------------- > > > > > Debian Security Advisory DSA-2911-1 secur...@debian.org > > http://www.debian.org/security/ Moritz > > Muehlenhoff April 22, 2014 > > http://www.debian.org/security/faq > > ------------------------------------------------------------------------- > > > > > <snippage> > > > > For the unstable distribution (sid), these problems have been fixed > > in version 24.4.0esr-1. > > I've been checking ever since I saw this announcement and I still > don't see a sign of this version in the sid repos yet (I'm not pasting > in my apt-get update, but I obviously did that immediately prior): > > > root@yap:~# apt-get install icedove > Reading package lists... Done > Building dependency tree > Reading state information... Done > icedove is already the newest version. > 0 upgraded, 0 newly installed, 0 to remove and 1459 not upgraded. > > root@yap:~# dpkg -l icedove > ii icedove 24.4.0-1 > > Does anyone have any more information about the delay? Or possibly > I'm wrong about my own assumption(s)/understanding here. > > thanks so much in advance for any clues,
This is indeed seem a typo in the DSA-2911-1. The fixed version for the unstable distribution for the given CVEs is icedove/24.4.0-1. For reference see also [1]. [1] https://security-tracker.debian.org/tracker/DSA-2911-1 Hope that thelps, Regards, Salvatore -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140424152132.GA2695@eldamar.local