Not sure whether this is really the same issue. I installed debsecan to try it out. Running "debsecan --suit etch --only-fixed --format detail | less" gives lots of results like this one CVE-2006-5753 (fixed) Unspecified vulnerability in the listxattr system call in Linux ... installed: linux-image-2.6.18-6-686 2.6.18.dfsg.1-23etch1 (built from linux-2.6 2.6.18.dfsg.1-23etch1) fixed in unstable: linux-2.6 2.6.20-1 (source package) fixed on branch: linux-2.6 2.6.18.dfsg.1-13etch1 (source package) fixed on branch: linux-2.6 2.6.18.dfsg.1-13etch2 (source package) fixed on branch: linux-2.6 2.6.18.dfsg.1-13etch3 (source package) fixed on branch: linux-2.6 2.6.18.dfsg.1-13etch4 (source package) fixed on branch: linux-2.6 2.6.18.dfsg.1-13etch5 (source package) fixed on branch: linux-2.6 2.6.18.dfsg.1-13etch6 (source package) fixed on branch: linux-2.6 2.6.18.dfsg.1-17etch1 (source package) fixed on branch: linux-2.6 2.6.18.dfsg.1-18etch1 (source package) fixed on branch: linux-2.6 2.6.18.dfsg.1-18etch3 (source package) fixed on branch: linux-2.6 2.6.18.dfsg.1-18etch4 (source package) fixed on branch: linux-2.6 2.6.18.dfsg.1-18etch5 (source package) fixed on branch: linux-2.6 2.6.18.dfsg.1-18etch6 (source package) fixed on branch: linux-2.6 2.6.18.dfsg.1-22etch2 (source package) fixed on branch: linux-2.6 2.6.18.dfsg.1-22etch3 (source package) fixed on branch: linux-2.6 2.6.18.dfsg.1-23 (source package) fix is available for the selected suite (etch)
"debsecan --suite etch --only-fixed | grep linux-image | wc -l": 102 Right now this tool looks completely unusable to me, since I am drowning in false positives... -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org