Hi Niels, Would changing the changelog entry for lucene2 2.9.1+ds1-2 into
lucene2 (2.9.1+ds1-2) unstable; urgency=low * Removed (unused) embedded Prototype javascript library (Closes: #555225, #555226; Fix CVE-2007-2383) do, on the next upload (which will be 2.9.1+ds1-3)? Cheers Jan-Pascal Niels Thykier wrote: > Package: lucene2 > Severity: important > > Hi > > A recent upload of lucene2 fixed #555225; but did not mention that > this fixed CVE-2007-2383. This causes the security tracker to > believe that lucene2 is still affected. > > Therefore please mention that CVE-2007-2383 has been fixed in the > changelog on next upload. > > Thank you in advance, > ~Niels > > -- System Information: > Debian Release: squeeze/sid > APT prefers testing > APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental') > Architecture: i386 (i686) > > Kernel: Linux 2.6.30-2-686 (SMP w/2 CPU cores) > Locale: LANG=en_DK.UTF-8, LC_CTYPE=en_DK.UTF-8 (charmap=UTF-8) > Shell: /bin/sh linked to /bin/dash > > > > _______________________________________________ > pkg-java-maintainers mailing list > pkg-java-maintain...@lists.alioth.debian.org > http://lists.alioth.debian.org/mailman/listinfo/pkg-java-maintainers > -- Jan-Pascal van Best janpas...@vanbest.org, janpas...@vanbest.eu http://www.vanbest.org/janpascal/ GPG key fingerprint 4617 E5FB C56D ACB6 7C8C DE64 3A4C B270 1A89 CC23 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org