Hi, On Sunday 18 December 2005 13:21, Moritz Muehlenhoff wrote: > note in narrative-introduction that oldstable is now fully > supported
this is not really true. AIUI, when we checked the old CVEs last year, we did not check whether versions in woody were affected. In many cases this would have meant a lot of work (when the version in an advisory was a lot newer than the woody version). Most of these cases should appear in the tracker nonetheless, but some do not (e.g. package removed or renamed between woody and sarge). So the oldstable information has to be considered incomplete (btw, this is already stated on the tracker page). BTW, one case that should be in the tracker but is not: stunnel #278942 CVE-2003-0740 What is wrong here? Cheers, Stefan _______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/secure-testing-team
