On Tue, Jul 05, 2005 at 10:36:51AM +0200, Moritz Muehlenhoff wrote: > I was having a look at the state of applications in testing using > the vulnerable XMLRPC code, for which an easily usable exploit has > been published and which seems like a perfect worm candidate as it > affects a wide range of popular web apps.
> For testing is affects drupal and wordpress, which both have been > fixed. But there propagation seems blocked, because britney thinks > that there is no version in testing, which is wrong as both _are_ > present in current testing: This output says nothing of the sort. First, britney doesn't care about whether there's a previous version of the package in testing when considering it for updating; second, that line of output does *not* come from britney. The britney output is that which is found at <http://ftp-master.debian.org/testing/update_excuses.html.gz> and at <http://ftp-master.debian.org/testing/update_output.txt.gz>. This "only in unstable" claim is something you'll have to take up with the maintainer of bjorn.haxx.se. (I'm guessing it still things sarge==testing...) ... and third, britney hasn't been run in several days due to the impending ftp-master move. Sorry, there's not much to be done about that as long as things are up in the air. -- Steve Langasek postmodern programmer
signature.asc
Description: Digital signature
