On Mon, Jun 05, 2006 at 11:44:54AM +0200, Djoume SALVETTI wrote: > Le lun 05 jun 2006 00:14:36 GMT Francesco Poli <[EMAIL PROTECTED]> a écrit : > > * mysql-dfsg (unfixed; bug #365939) for CVE-2006-1518, CVE-2006-1517, > > CVE-2006-1516
> > The bug report[2] refers to package mysql-server-5.0 and claims that > > the issue is fixed in mysql-dfsg-5.0 version 5.0.21-1, which is > > superseded by 5.0.22-2 in sid. > > Testing seems to be still vulnerable, because it has version 5.0.20-1. > > [2] http://bugs.debian.org/365939 > > [3] http://bjorn.haxx.se/debian/testing.pl?package=mysql-server-5.0 > mysql-dfsg has been removed from sid and will be removed from etch when > removing causes no dependency problems. > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=356751 > http://bjorn.haxx.se/debian/testing.pl?package=mysql-dfsg > I've updated our database with this information. fwiw, myodbc and mnogosearch are due to be updated in testing tomorrow, leaving only courier and kexi needing an update. kexi appears to be binNMUable, and courier needs the hppa buildd's sbuild config fixed to not reference libmysqlclient12 explicitly. Cheers, -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. [EMAIL PROTECTED] http://www.debian.org/
signature.asc
Description: Digital signature
_______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/secure-testing-team
