* Francesco Poli: > A naive question about an issue that I found on the security bug > tracker[1]: CVE-2006-1513[2] is listed as fixed in stable and oldstable > by DSA-1041-1, but is still considered unfixed in testing and unstable. > On the other hand the issue is fixed in stable-security by version > 1.3.3-3sarge1, while unstable and testing still have version 1.3.3-3 > (which is vulnerable). > Isn't it possible to just forward-port 1.3.3-3sarge1 to unstable (as > version 1.3.3-4) and to testing-security (as version 1.3.3-3etch1)?
See this thread on debian-devel: <http://lists.debian.org/debian-devel/2006/06/msg00877.html> I believe this is the same issue. _______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/secure-testing-team
