[Secure-testing-team] CVE-2007-5707: OpenLDAP
Moritz Muehlenhoff
jmm at inutil.org
Wed Dec 5 21:14:24 UTC 2007
On Wed, Dec 05, 2007 at 07:04:10PM +0000, Dominic Hargreaves wrote:
> Hi,
>
> Just checked data/CVE/list and noticed that this CVE lists openldap2.2
> as <removed>.
>
> However, openldap2.2 is still in the archive, and is in oldstable.
> Surely it shouldn't be listed as removed in this case?
"- package VERSION" entries are for unstable. Since openldap2.2 is still in
archive, but has never seen an unstable fix this is correct.
As you can see at http://idssi.enyo.de/tracker/CVE-2007-5707 it is correctly
listed as affected in oldstable, since the tracker parses the archives
contents.
Please use debian-security-tracker at l.d.o for such questions.
Cheers,
Moritz
More information about the Secure-testing-team
mailing list