Bug#336137: Version 6.4-1.1 (4-Sept-2005) does not exist in stable (CAN-2005-152)
retitle 334833 CVE-2005-1527 still not fixed in stable branch retitle 336137 CVE-2005-1527 still not fixed in stable branch severity 334833 grave found 334833 6.4.1 merge 336137 334833 thanks * FX: Version 6.4-1.1 which fixed CAN-2005-152 on Sept 4, 2005 is still not available in the stable branch as of October 28, 2005. Running 'apt-get update apt-get upgrade' on Debian 3.1 does not yet fix CAN-2005-152 which was fixed roughly 2 months ago. CAN-2005-152 is syntactically invalid. This problem is already tagged as bug #334833. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Processed: Re: Bug#336137: Version 6.4-1.1 (4-Sept-2005) does not exist in stable (CAN-2005-152)
Processing commands for [EMAIL PROTECTED]: retitle 334833 CVE-2005-1527 still not fixed in stable branch Bug#334833: CAN-2005-1527 still not fixed in stable branch Changed Bug title. (By the way, that Bug is currently marked as done.) retitle 336137 CVE-2005-1527 still not fixed in stable branch Bug#336137: Version 6.4-1.1 (4-Sept-2005) does not exist in stable (CAN-2005-152) Changed Bug title. severity 334833 grave Bug#334833: CVE-2005-1527 still not fixed in stable branch Severity set to `grave'. found 334833 6.4.1 Bug#334833: CVE-2005-1527 still not fixed in stable branch Bug marked as found in version 6.4.1. merge 336137 334833 Bug#334833: CVE-2005-1527 still not fixed in stable branch Bug#336137: CVE-2005-1527 still not fixed in stable branch Mismatch - only Bugs in same state can be merged: Values for `done mark' don't match: #334833 has `done'; #336137 has `open' thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#336137: Version 6.4-1.1 (4-Sept-2005) does not exist in stable (CAN-2005-152)
package: awstats severity: grave tags: security Version 6.4-1.1 which fixed CAN-2005-152 on Sept 4, 2005 is still not available in the stable branch as of October 28, 2005. Running 'apt-get update apt-get upgrade' on Debian 3.1 does not yet fix CAN-2005-152 which was fixed roughly 2 months ago. The changelog for stable does not even mention CAN-2005-152: http://packages.debian.org/changelogs/pool/main/a/awstats/awstats_6.4-1/changelog There is no mention about any package versions being held back for any reason at: http://packages.qa.debian.org/a/awstats.html Is it normal for a fixed vulnerability to remain in the stable branch for 2 months? Is there something other than 'apt-get update apt-get upgrade' that sysadmins' must perform on Debian in order to get security updates? Please advise. Thanks. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]