[Secure-testing-team] iceape holes: DSA vs. tracker
Stefan Fritsch
sf at sfritsch.de
Tue Jun 12 21:25:21 UTC 2007
Hi Francesco
On Freitag, 8. Juni 2007, Francesco Poli wrote:
> one[3] is claimed to be "not known to" affect Debian (with a note
> that says "check"),
This is the message one gets if no information about an issue has been
entered in the tracker, yet. This has been fixed in the meantime.
> another[4] is claimed to be NOT-FOR-US ("No
> practical security implications"),
This is true, but it was still fixed in the DSA, so there was no
reason not to mention it in the DSA.
> and the remaining
> four[5][6][7][8] are claimed to affect sarge, etch, etch
> (security), lenny, and sid.
As with the gimp DSA, the iceape DSA was entered into the tracker a
bit later (this is done by hand). I think the info now is correct.
> [1] http://security-tracker.debian.net/tracker/
> [2]
> http://lists.debian.org/debian-security-announce/debian-security-an
>nounce-2007/msg00060.html [3]
> http://security-tracker.debian.net/tracker/CVE-2007-1362 [4]
> http://security-tracker.debian.net/tracker/CVE-2007-1558 [5]
> http://security-tracker.debian.net/tracker/CVE-2007-2867 [6]
> http://security-tracker.debian.net/tracker/CVE-2007-2868 [7]
> http://security-tracker.debian.net/tracker/CVE-2007-2870 [8]
> http://security-tracker.debian.net/tracker/CVE-2007-2871
Cheers,
Stefan
More information about the Secure-testing-team
mailing list