[Secure-testing-team] Question about CVE not appearing in the
tracker
Stefan Fritsch
sf at sfritsch.de
Tue Sep 5 20:31:30 UTC 2006
Hi,
there is in CVE/list:
CVE-2006-4031 (MySQL 4.1 ...)
- mysql-dfsg-5.0 5.0.24-1 (bug #382415; low)
- mysql-dfsg <removed> (bug #380271; low)
[sarge] - mysql-dfsg-4.1 <no-dsa> (Now ...)
[sarge] - mysql-dfsg <no-dsa> (Now ...)
and I would expect that this would mark mysql-dfsg-4.1 as vulnerable
in sarge, but with a "*" for no-dsa. However at [1],
CVE-2006-4031 does not appear for mysql-dfsg-4.1 at all. Is this a bug
in the tracker or do I misunderstand something?
Cheers,
Stefan
[1] http://security-tracker.debian.net/tracker/status/release/stable
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20060905/b208d81a/attachment.pgp
More information about the Secure-testing-team
mailing list