Your message dated Fri, 3 Feb 2012 18:28:09 -0500
with message-id 
<CANTw=mmshknzfeny3ta-nr9rtx91t9kykgbqw926nasbsdf...@mail.gmail.com>
and subject line Re: Bug#658545: security-tracker: DSA-2401-1 vs. tracker
has caused the Debian Bug report #658545,
regarding security-tracker: DSA-2401-1 vs. tracker
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
658545: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=658545
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: security-tracker
Severity: normal

Hello!

DSA-2401-1 [1] claims that a number of referenced vulnerabilities
are fixed in sid by tomcat6/6.0.35-1
However, two vulnerabilities (CVE-2011-3190 [2] and CVE-2011-4858 [3])
out of the 10 referenced ones are shown as not fixed in sid and wheezy
on the tracker.

Is the DSA wrong or is the tracker incorrect?
In the latter case, please fix the tracker data.
Otherwise, please clarify.

Thanks for your time!

[1] http://lists.debian.org/debian-security-announce/2012/msg00025.html
[2] http://security-tracker.debian.org/tracker/CVE-2011-3190
[3] http://security-tracker.debian.org/tracker/CVE-2011-4858



--- End Message ---
--- Begin Message ---
> Is the DSA wrong or is the tracker incorrect?
> In the latter case, please fix the tracker data.
> Otherwise, please clarify.

The DSA is correct.  The tracker is now fixed.

Thanks,
Mike


--- End Message ---

Reply via email to