Re: No DSA-168[67]-1 on the tracker
On Wed, 17 Dec 2008 19:50:55 +0100 Moritz Muehlenhoff wrote: > On Wed, Dec 17, 2008 at 07:41:01PM +0100, Francesco Poli wrote: [...] > > OK, I've just checked the two missing DSAs. > > > > Everything seems to be fine, except for CVE-2008-5182, [...] > Thanks, fixed. Perfect! :) > Would you be interested in fixing such issues for > yourself? We can give you write access to the Security Tracker SVN. > You don't need to be a DD. Thanks for the offer, but I have (licensing) issues with SubVersion and hence I am not willing to install it on my boxes. I hope you do not mind, if I keep pointing out tracker issues on this mailing list... -- On some search engines, searching for my nickname AND "nano-documents" may lead you to my website... . Francesco Poli . GnuPG key fpr == C979 F34B 27CE 5CD8 DC12 31B5 78F4 279B DD6D FCF4 pgpTFVtfcGp0A.pgp Description: PGP signature
Re: No DSA-168[67]-1 on the tracker
On Wed, Dec 17, 2008 at 07:41:01PM +0100, Francesco Poli wrote: > On Wed, 17 Dec 2008 11:50:14 +0100 (CET) Thijs Kinkhorst wrote: > > [...] > > Something went wrong which brought the checkout the script uses to commit > > its update in, in a conflict state. I resolved that now, and Florian added > > the missing DSA's. > > OK, I've just checked the two missing DSAs. > > Everything seems to be fine, except for CVE-2008-5182, which is > incorrectly mentioned in DSA-1687-1 [1] as "CVE_2008-5182" (please note > the underscore!). > As a consequence, the regular expression which (I guess) is used to > parse the DSA missed it, and thus CVE-2008-5182 [2] is not marked as > fixed in etch (security) on the tracker, and the DSA tracker page [3] > fails to include CVE-2008-5182 in its reference list. Thanks, fixed. Would you be interested in fixing such issues for yourself? We can give you write access to the Security Tracker SVN. You don't need to be a DD. Cheers, Moritz -- To UNSUBSCRIBE, email to debian-security-tracker-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Re: No DSA-168[67]-1 on the tracker
On Wed, 17 Dec 2008 11:50:14 +0100 (CET) Thijs Kinkhorst wrote: [...] > Something went wrong which brought the checkout the script uses to commit > its update in, in a conflict state. I resolved that now, and Florian added > the missing DSA's. OK, I've just checked the two missing DSAs. Everything seems to be fine, except for CVE-2008-5182, which is incorrectly mentioned in DSA-1687-1 [1] as "CVE_2008-5182" (please note the underscore!). As a consequence, the regular expression which (I guess) is used to parse the DSA missed it, and thus CVE-2008-5182 [2] is not marked as fixed in etch (security) on the tracker, and the DSA tracker page [3] fails to include CVE-2008-5182 in its reference list. [1] http://lists.debian.org/debian-security-announce/2008/msg00279.html [2] http://security-tracker.debian.net/tracker/CVE-2008-5182 [3] http://security-tracker.debian.net/tracker/DSA-1687-1 -- On some search engines, searching for my nickname AND "nano-documents" may lead you to my website... . Francesco Poli . GnuPG key fpr == C979 F34B 27CE 5CD8 DC12 31B5 78F4 279B DD6D FCF4 pgpSBYjr7z4KX.pgp Description: PGP signature
Re: No DSA-168[67]-1 on the tracker
On Wed, December 17, 2008 00:03, Francesco Poli wrote: > It seems that there's no tracker page [1][2] for DSA-1686-1 [3] and > DSA-1687-1 [4]. What's wrong? Something went wrong which brought the checkout the script uses to commit its update in, in a conflict state. I resolved that now, and Florian added the missing DSA's. Thijs -- To UNSUBSCRIBE, email to debian-security-tracker-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
No DSA-168[67]-1 on the tracker
Hi all! It seems that there's no tracker page [1][2] for DSA-1686-1 [3] and DSA-1687-1 [4]. What's wrong? [1] http://security-tracker.debian.net/tracker/DSA-1686-1 [2] http://security-tracker.debian.net/tracker/DSA-1687-1 [3] http://lists.debian.org/debian-security-announce/2008/msg00278.html [4] http://lists.debian.org/debian-security-announce/2008/msg00279.html P.S.: Please Cc: me on replies, as I am not a list subscriber. Thanks. -- On some search engines, searching for my nickname AND "nano-documents" may lead you to my website... . Francesco Poli . GnuPG key fpr == C979 F34B 27CE 5CD8 DC12 31B5 78F4 279B DD6D FCF4 pgpr5HAr8Lbcn.pgp Description: PGP signature