* Francesco Poli: > Hi again! > > Many vulnerabilities are listed in [1] for kernel-source-2.6.8. > On the other hand, DSA-1103-1 (which is listed as well) claims that > all of them but the first one (CVE-2005-2873) are fixed in > version 2.6.8-*sarge3 (available in the security.debian.org repository). > What's wrong? > Shouldn't these vulnerabilities be absent from [1]? > > [1] http://idssi.enyo.de/tracker/status/release/stable
Uhm, they aren't listed? Perhaps the database was out of date. There is some delay between the DSA, the commit to the secure-testing SVN repository, and the database update (the computation takes about 6 minutes at the moment). _______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/secure-testing-team
