On Sat, 13 Nov 2010 09:46:50 +0100 Petter Reinholdtsen wrote: > > According to debsecan on one of my Lenny boxes, CVE-2009-4411 can be > fixed by upgrading: > > *** Available security updates > > CVE-2009-4411 The (1) setfacl and (2) getfacl commands in XFS acl... > <http://security-tracker.debian.net/tracker/CVE-2009-4411> > - libacl1 (low urgency) > > But when I try to upgrade the Lenny machine, there is no update > available. Is the hole incorrectly classified?
On my lenny box, debsecan lists that issue as an open/unfixed vulnerability. Are you using a different suite in debsecan? If I use the "--suite sid" option, then it does indicate that there is an available security update. Mike -- To UNSUBSCRIBE, email to debian-security-tracker-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20101113214406.d70be6fe.michael.s.gilb...@gmail.com