Hi Daniel, On Tue, December 4, 2012 18:33, daniel curtis wrote: > Thank You, I should look there first (Security Tracker). But I see, > that two of three CVE's are marked as 'vulnerable' for all branches; > stable, testing and unstable. Frankly, only first CVE is Fixed for > Squeeze. > It is normal?
They are indeed still pending a fix; because other issues in MySQL were reported in the mean time an update for those issues (see DSA text for id's) was released. The issue you mention will be fixed as soon as we have a working fix. Cheers, Thijs -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/5c2a10f757fc106f71b0eff25df3a2cf.squir...@aphrodite.kinkhorst.nl