[Secure-testing-team] Is the security bug tracker up-to-date?
Francesco Poli
frx at firenze.linux.it
Mon Mar 12 19:57:27 UTC 2007
Hi!
I noticed something weird on the security bug tracker[1].
Some vulnerabilities are still listed for testing as fixed in unstable,
while the package version that fixes the problem has already migrated
from unstable to testing.
For instance, the report[2] for CVE-2007-0981 states:
|
| iceweasel (PTS) etch 2.0.0.1+dfsg-2 vulnerable
| sid 2.0.0.2+dfsg-3 fixed
|
On the other hand, the testing migration checker[3] says:
|
| * iceweasel has the same version in unstable and testing
| (2.0.0.2+dfsg-3)
|
and the PTS[4] confirms that iceweasel 2.0.0.2+dfsg-3 migrated to
testing on 2007-03-10.
What's wrong?
[1] http://security-tracker.debian.net/tracker/
[2] http://security-tracker.debian.net/tracker/CVE-2007-0981
[3] http://bjorn.haxx.se/debian/testing.pl?package=iceweasel
[4] http://packages.qa.debian.org/i/iceweasel.html
P.S.: Please Cc: me on replies, as I am not a list subscriber. Thanks.
--
http://frx.netsons.org/progs/scripts/refresh-pubring.html
Need to refresh your keyring in a piecewise fashion?
..................................................... Francesco Poli .
GnuPG key fpr == C979 F34B 27CE 5CD8 DC12 31B5 78F4 279B DD6D FCF4
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20070312/92492928/attachment.pgp
More information about the Secure-testing-team
mailing list