Hi everyone! DSA-1653-1 [1] has been recently issued and a corresponding tracker page [2] was added.
However, it seems that there's an inconsistency between the DSA and the tracker. The DSA [1] claims that all the CVEs are fixed in etch by linux-2.6/2.6.18.dfsg.1-22etch3, while the tracker page for CVE-2008-3276 [3] claims that etch is still vulnerable. If this is an actual inconsistency, please fix it ASAP. Thanks for your great job in improving Debian security! [1] http://lists.debian.org/debian-security-announce/2008/msg00245.html [2] http://security-tracker.debian.net/tracker/DSA-1653-1 [3] http://security-tracker.debian.net/tracker/CVE-2008-3276 P.S.: Please Cc: me on replies, as I am not a list subscriber. Thanks. -- On some search engines, searching for my nickname AND "nano-documents" may lead you to my website... ..................................................... Francesco Poli . GnuPG key fpr == C979 F34B 27CE 5CD8 DC12 31B5 78F4 279B DD6D FCF4
pgpJcnOe8mIU7.pgp
Description: PGP signature