Re: Tracker inconsistency regarding gallery2?

2007-11-11 Thread Moritz Muehlenhoff
On Sat, Nov 10, 2007 at 07:35:38PM +0100, Thijs Kinkhorst wrote: > Hi All, > > On Friday 9 November 2007 23:52, Francesco Poli wrote: > > Hi all again! > > > > DSA 1404-1 [1] claims that gallery2 version 2.1.2-2.0.etch.1 fixes > > CVE-2007-4650 for etch. > > The DSA page [2] seems to confirm this.

Re: Tracker inconsistency regarding gallery2?

2007-11-11 Thread Francesco Poli
On Sat, 10 Nov 2007 20:56:37 +0100 Thijs Kinkhorst wrote: [...] > I've corrected this now, it was due to a misunderstanding by myself of > the tracker information. Good, thanks. -- http://frx.netsons.org/doc/nanodocs/testing_workstation_install.html Need to read a Debian testing installation

Re: Tracker inconsistency regarding gallery2?

2007-11-10 Thread Thijs Kinkhorst
Hi, On Friday 9 November 2007 23:52, Francesco Poli wrote: > Hi all again! > > DSA 1404-1 [1] claims that gallery2 version 2.1.2-2.0.etch.1 fixes > CVE-2007-4650 for etch. > The DSA page [2] seems to confirm this. > However the CVE page [3] tells a different story: it states that version > 2.1.2-2

Re: Tracker inconsistency regarding gallery2?

2007-11-10 Thread Nico Golde
Hi Thijs, * Thijs Kinkhorst <[EMAIL PROTECTED]> [2007-11-10 19:36]: > On Friday 9 November 2007 23:52, Francesco Poli wrote: > > DSA 1404-1 [1] claims that gallery2 version 2.1.2-2.0.etch.1 fixes > > CVE-2007-4650 for etch. > > The DSA page [2] seems to confirm this. > > However the CVE page [3] te

Re: Tracker inconsistency regarding gallery2?

2007-11-10 Thread Thijs Kinkhorst
Hi All, On Friday 9 November 2007 23:52, Francesco Poli wrote: > Hi all again! > > DSA 1404-1 [1] claims that gallery2 version 2.1.2-2.0.etch.1 fixes > CVE-2007-4650 for etch. > The DSA page [2] seems to confirm this. > However the CVE page [3] tells a different story: it states that version > 2.1

Tracker inconsistency regarding gallery2?

2007-11-09 Thread Francesco Poli
Hi all again! DSA 1404-1 [1] claims that gallery2 version 2.1.2-2.0.etch.1 fixes CVE-2007-4650 for etch. The DSA page [2] seems to confirm this. However the CVE page [3] tells a different story: it states that version 2.1.2-2.0.etch.1 is vulnerable. Is this a security-tracker internal inconsistenc