[Secure-testing-team] Broken testing propagation for some packages?
Moritz Muehlenhoff
jmm at inutil.org
Tue Jul 5 08:36:51 UTC 2005
Hi,
I was having a look at the state of applications in testing using
the vulnerable XMLRPC code, for which an easily usable exploit has
been published and which seems like a perfect worm candidate as it
affects a wide range of popular web apps.
For testing is affects drupal and wordpress, which both have been
fixed. But there propagation seems blocked, because britney thinks
that there is no version in testing, which is wrong as both _are_
present in current testing:
http://bjorn.haxx.se/debian/testing.pl?package=wordpress:
Checking wordpress
* trying to update [1]wordpress from 1.5.1.2-1 to 1.5.1.3-1
* wordpress [2]is only in unstable (no testing version)
Checking drupal
* trying to update [1]drupal from 4.5.3-2 to 4.5.4-1
* drupal [2]is only in unstable (no testing version)
What's wrong? Is this a known problem?
Cheers,
Moritz
More information about the Secure-testing-team
mailing list