* Stefan Fritsch: > On Tuesday 23 May 2006 16:48, Florian Weimer wrote: >> * Stefan Fritsch: >> > nagios issue already fixed in unstable >> > >> > CVE-2006-2489 (Integer overflow in CGI scripts in Nagios 1.x >> > before 1.4.1 and 2.x ...) - - nagios <unfixed> (high) >> > - - nagios2 <unfixed> (high) >> > + - nagios 2:1.4-1 (bug #366682; bug #366803; high) >> > + - nagios2 2.3-1 (bug #366683; high) >> >> Are you sure it's 2.3-1 and not 2.3.1? > > Yes, CVE-2006-2489 was found in the discussion in the Debian > bugreports about CVE-2006-2162 and the maintainer included the fix > before upstream released it.
Ah, okay, I was momentarily confused by some lack of maintainer coordination. Thanks for the clarification. _______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/secure-testing-team
