On Fri, 11 Mar 2011 18:36:38 +0100 Francesco Poli wrote: > Hi all, > everything seems to be OK with the DSA-2189-1 [1] tracker page [2] and > its associated CVE numbers. > Some CVE numbers were apparently assigned after the release of the DSA. > I seem to be able to map the CVE-less vulnerabilities to the CVE > numbers mentioned in the tracker [2], except for the first two:
If you can specify which issues these are, and if you've checked the source to confirm, we can make these updates. > Out-of-bounds read in text searching [69640] > Memory corruption in SVG fonts. [72134] > > Are these two still CVE-less? > If so, I cannot find any corresponding TEMP entry in the tracker [3]. > Where are they? Should they be added to the tracker? We won't necessarily enter cve-less issues in the tracker. However, once these do get assigned ids we will make sure they get recorded as fixed in this dsa. Best wishes, Mike -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
