Hi, * Nelson A. de Oliveira <[EMAIL PROTECTED]> [2008-11-20 14:29]: > I was looking http://security-tracker.debian.net/tracker/CVE-2008-5101 > and it says that the stable version of optipng is vulnerable to > CVE-2008-5101. This should be fixed since the only vulnerable versions > are 0.6 and 0.6.1 (stable is 0.5.5).
This is due how the tracker works, the version is unfixed until it is marked as fixed by a version or explicitly marked as not-affected. > I can forward upstream email where he says "The versions affected are > 0.6 and 0.6.1; version 0.5.5 is fine." just in case you need. Yes please do so, so we can check that. Cheers Nico -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.
pgpSsEU0Kd46P.pgp
Description: PGP signature
_______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/secure-testing-team
