On mer., 2014-09-10 at 19:50 +0200, Moritz Muehlenhoff wrote:
On Wed, Sep 10, 2014 at 05:13:35PM +0200, Holger Levsen wrote:
Hi Salvatore,
On Mittwoch, 10. September 2014, Salvatore Bonaccorso wrote:
The tabular view clearly would need some improvement and making clear
where the fix
On mer., 2014-09-10 at 20:42 +0200, Moritz Muehlenhoff wrote:
On Wed, Sep 10, 2014 at 08:56:48PM +0200, Yves-Alexis Perez wrote:
On mer., 2014-09-10 at 19:50 +0200, Moritz Muehlenhoff wrote:
On Wed, Sep 10, 2014 at 05:13:35PM +0200, Holger Levsen wrote:
Hi Salvatore,
On Mittwoch
On ven., 2012-07-06 at 07:22 -0500, man...@mac.hush.com wrote:
Re: http://security-tracker.debian.org/tracker/CVE-2012-2763
Working with upstream, I cherry-picked the code in gimp 2.8 which
fixes this buffer overflow vulnerability in the script-fu server.
The attached patch fixes the issue
On sam., 2012-07-07 at 11:55 +0200, Reinhard Tartler wrote:
http://security-tracker.debian.org/tracker/CVE-2012-0859
please mark this entry as fixed for 6:0.8.3-4 and
6:0.8.99-1537-gacb2c79-2. The fixes for 4:0.5.9-1 originate from those
branches.
Can you identify the specific versions? Is
On lun., 2012-07-02 at 22:50 +0200, Francesco Poli wrote:
Hello everybody,
there's something unclear to me.
DSA-2505-1 [1] states that CVE-2012-3363 is fixed in unstable by
zendframework/1.11.12-1 and the tracker seems to agree [2].
[1]
On jeu., 2012-03-29 at 00:30 +0200, Francesco Poli wrote:
Hello everybody,
it seems to me that the tracker stopped fetching info about package
versions in squeeze (security).
Examples:
http://security-tracker.debian.org/tracker/DSA-2441-1
On ven., 2012-03-09 at 14:14 -0600, Ryan Gumbiner wrote:
Greetings,
It seems there is a discrepancy in the Fixed Version displayed on:
http://security-tracker.debian.org/tracker/CVE-2012-0053
For the squeeze release (2.2.16-6+squeeze6) as it contradicts the changelog:
On dim., 2012-01-15 at 12:53 +0100, Francesco Poli (wintermute) wrote:
Package: security-tracker
Severity: normal
Hi!
The tracker page [1] for DSA-2388-1 [2] looks OK, but some of the
referenced CVE tracker pages [3][4] claim that t1lib/5.1.2-3.3 is still
vulnerable in wheezy and sid,
On lun., 2011-12-05 at 18:47 +0100, Francesco Poli wrote:
Yeah, and I don't know why, since in the source file the 3 CVEs are
marked as fixed by 2.30.3-2.
I am not sure: maybe because it's marked as fixed in (unstable) ?
An additional entry for the stable fixed version is perhaps needed..
On dim., 2011-12-04 at 16:00 +0100, Francesco Poli wrote:
On Sun, 04 Dec 2011 12:19:46 +0100 Francesco Poli (wintermute) wrote:
[...]
Hi!
It seems to me that the tracker page [1] for DSA-2357-1 [2] is
fairly incomplete.
[...]
[1] http://security-tracker.debian.org/tracker/DSA-2357-1
On lun., 2011-10-24 at 18:49 -0400, Michael Gilbert wrote:
I don't think that's the issue. cdn.debian.net does have 1:1.8-1.2 in
sid now. It's more likely a bug in the tracker causing it to not
update certain data in the sql database somehow.
Seems that
On mer., 2011-10-26 at 16:33 -0400, Michael Gilbert wrote:
Because the tracker hasn't entered 0.8.5-5+squeeze1 info into it's sql
database yet. I assume a cronjob was set up on the tracker server to
fetch this info regularly. I wonder if that's stopped somehow?
I have no idea, I don't have
Hey,
CVEs for the radvd issues look weird on the tracker. For example, not so
long ago sid had 1:1.8-1 (unfixed) while wheezy had 1:1.8-1.2 (fixed).
Now both have 1:1.8-1 (while indeed the NMU reached testing today, so
both sid and wheezy are fixed).
Anyone knows what happened?
Regards,
--
On mer., 2011-10-19 at 14:01 +0200, Laurent Bonnaud wrote:
So could someone please mark this bug as fixed in wheezy and sid ?
Done, thanks for the investigation.
Regards,
--
Yves-Alexis
signature.asc
Description: This is a digitally signed message part
On mer., 2011-10-19 at 15:12 +0200, Laurent Bonnaud wrote:
Hi,
I am looking at this page:
http://security-tracker.debian.org/tracker/CVE-2011-3188
The security status is given for 2.6.x kernels but not for 3.x
kernels.
Could somebody please add this ?
Data is kernel-sec tracker
Hey,
I just noticed two CVE which apply to Xfce packages in etch are set
against the wrong package. Attached diff should fix that.
Cheers,
--
Yves-Alexis
index 9b6134c..8fdde64 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -30188,13 +30188,13 @@ CVE-2007-6534 (Multiple unspecified
16 matches
Mail list logo
