On Mon, 2005-12-19 at 08:49 +0100, Martin Schulze wrote: > You didn't mention CVE-2005-3417. Is the version in sarge not vulnerable > to it? Or did you miss it? Or did you just didn't document this?
This has been fixed but indeed isn't documented in the changelog. The fact is that CVE-2005-341{5,6,7} are all concentrated in one function, that function has been fixed. Should we add that CVE id aswell and rebuild or is that not necessary? bye, Thijs
signature.asc
Description: This is a digitally signed message part