Hi Benjamin On Tue, Mar 19, 2013 at 04:04:59PM -0400, Benjamin Kaduk wrote: > On Tue, 19 Mar 2013, Adam D. Barratt wrote: > > >On Tue, 2013-03-19 at 15:47 -0400, Benjamin Kaduk wrote: > >>reopen 702633 > > > >Why? Do you believe that the 1.10.1+dfsg-4+nmu1 package does not contain > >a fix for this bug? > > The changelog entry for 1.10.1+dfsg-4+nmu1 mentions the wrong CVE > number, and as such the purpoted "fix" for this bug is incomplete, > as the documentation of the change is incorrect. Now, it may be > that the package maintainer or the security team may decide that a > version bump is not necessary to correct this error, but such a > decision should be explicitly made (IMHO). > > >If the answer to my first question is "because it's not fixed in stable > >yet", then the re-opening was incorrect, as the actual effect was to > >mark it as not fixed in _unstable_. > > My action of reopening the bug reflects the contents of the package > in unstable.
Thank you for noticing this. To track this I opened http://bugs.debian.org/703457 Hope that helps, Salvatore -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org