[Secure-testing-team] Question about CVE-2006-1513
Florian Weimer
fw at deneb.enyo.de
Sun Jul 2 14:33:29 UTC 2006
* Francesco Poli:
> A naive question about an issue that I found on the security bug
> tracker[1]: CVE-2006-1513[2] is listed as fixed in stable and oldstable
> by DSA-1041-1, but is still considered unfixed in testing and unstable.
> On the other hand the issue is fixed in stable-security by version
> 1.3.3-3sarge1, while unstable and testing still have version 1.3.3-3
> (which is vulnerable).
> Isn't it possible to just forward-port 1.3.3-3sarge1 to unstable (as
> version 1.3.3-4) and to testing-security (as version 1.3.3-3etch1)?
See this thread on debian-devel:
<http://lists.debian.org/debian-devel/2006/06/msg00877.html>
I believe this is the same issue.
More information about the Secure-testing-team
mailing list