[Secure-testing-team] Question about CVE-2006-1513
Francesco Poli
frx at firenze.linux.it
Sun Jul 2 10:11:43 UTC 2006
Hi!
A naive question about an issue that I found on the security bug
tracker[1]: CVE-2006-1513[2] is listed as fixed in stable and oldstable
by DSA-1041-1, but is still considered unfixed in testing and unstable.
On the other hand the issue is fixed in stable-security by version
1.3.3-3sarge1, while unstable and testing still have version 1.3.3-3
(which is vulnerable).
Isn't it possible to just forward-port 1.3.3-3sarge1 to unstable (as
version 1.3.3-4) and to testing-security (as version 1.3.3-3etch1)?
What do I fail to understand?
[1] http://idssi.enyo.de/tracker/
[2] http://idssi.enyo.de/tracker/CVE-2006-1513
--
:-( This Universe is buggy! Where's the Creator's BTS? ;-)
......................................................................
Francesco Poli GnuPG Key ID = DD6DFCF4
Key fingerprint = C979 F34B 27CE 5CD8 DC12 31B5 78F4 279B DD6D FCF4
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20060702/f4221abe/attachment.pgp
More information about the Secure-testing-team
mailing list