[Secure-testing-team] Yet another question about the tracker
Florian Weimer
fw at deneb.enyo.de
Fri Jun 30 18:36:42 UTC 2006
* Francesco Poli:
> Hi again!
>
> Many vulnerabilities are listed in [1] for kernel-source-2.6.8.
> On the other hand, DSA-1103-1 (which is listed as well) claims that
> all of them but the first one (CVE-2005-2873) are fixed in
> version 2.6.8-*sarge3 (available in the security.debian.org repository).
> What's wrong?
> Shouldn't these vulnerabilities be absent from [1]?
>
> [1] http://idssi.enyo.de/tracker/status/release/stable
Uhm, they aren't listed? Perhaps the database was out of date. There
is some delay between the DSA, the commit to the secure-testing SVN
repository, and the database update (the computation takes about 6
minutes at the moment).
More information about the Secure-testing-team
mailing list