[Secure-testing-team] Security advisory for docvert's CVE-2008-5147 ?
Nico Golde
debian-secure-testing+ml at ngolde.de
Mon Dec 1 23:07:20 UTC 2008
Hi,
* Francois Marier <francois at debian.org> [2008-12-01 23:46]:
> (Thanks for CCing me on your replies)
>
> On 2008-12-01 at 10:55:33, Nico Golde wrote:
> > No it's not. We marked this is unimportant in the security
> > tracker as this is only an unused test script:
> > http://security-tracker.debian.net/tracker/CVE-2008-5147
>
> Great. By the way, is there a way for me to "subscribe" one way or another
> to receive a notification whenever one of my packages has a CVE associated
> to it?
Yes the BTS :) Usually we file bugs for each CVE id except
in cases where we rate them as unimportant.
> > Ok that's fine. Please ping us in this case with the version
> > so we can mark it as fixed in the security tracker.
>
> I have uploaded docvert 3.4-7 to unstable and requested a freeze exception
> for lenny.
>
> The debdiff is attached to this email in case you're interested.
Thanks very much, I updated the tracker to reflect the fixed
version in 3.4-7.
Cheers
Nico
--
Nico Golde - http://www.ngolde.de - nion at jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20081202/02b9455e/attachment.pgp
More information about the Secure-testing-team
mailing list