Moritz Muehlenhoff wrote: > > Updated status below: > > cups / CVE-2008-5183 > Status needs checking >
Will prod the maintainer > > flamethrower / CVE-2008-5141 > Dann has already prepared an update, but it's not been uploaded yet. > Already Ok'ed by RT > > mailscanner / CVE-2008-5140 and more mentioned in the Debian bug > No fix yet. > Just requested a new CVE id, or the update of the current one with the extra issues. > > msp-webserver / CVE-2008-5160 > Appears to have many quality issues, pushed for removal > dato wants to wait a bit before removing > > nagios3 / CVE-2008-5028 > Maintainer wanted to have had it ready by last friday, needs prodding. > Maintainer sent mail to -release asking for approval of new upstream version properly fixing the bug. > > smarty CVE-2008-4810 / CVE-2008-4811 > -4810 is about the original bug, -4811 is about the incomplete fix for all > the attack vectors. Raphael will ask on oss list. > am I? will see who needs to be prodded, but I don't think it will be on oss list. Cheers, -- Raphael Geissert - Debian Maintainer www.debian.org - get.debian.net _______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/secure-testing-team
