On Tue, 6 Jun 2006 00:27:24 +0200 Francesco Poli wrote: > On Mon, 5 Jun 2006 11:30:29 +0200 Djoume SALVETTI wrote: > > > Thanks for your report > > You're welcome. > > BTW, since you appreciated it, here's more of the same! ;-)
And even more: * ruby1.6 1.6.8-13 needed, have 1.6.8-12 [m68k] for CVE-2005-2337 I cannot see any evidence that the m68k arch is still out of sync w.r.t. to this package. If I read the package migration status[1] correctly, this vulnerability seems to be fixed in unstable and testing for all architectures. Wait, no!, from the build log[2], it seems that the m68k build failed! Why doesn't the package migration status[1] say anything about this? What's wrong? What did I fail to understand? [1] http://bjorn.haxx.se/debian/testing.pl?package=ruby1.6 [2] http://buildd.debian.org/fetch.php?&pkg=ruby1.6&ver=1.6.8-13&arch=m68k&stamp=1141764930&file=log&as=raw * runit (unfixed; bug #356016) for CVE-2006-1319 The bug report[3] claims the issue is fixed in version 1.4.1-1, which is already superseded by version 1.5.1-1 in testing[4]. Hence, I would say this vulnerability is fixed in both unstable and testing. [3] http://bugs.debian.org/356016 [4] http://bjorn.haxx.se/debian/testing.pl?package=runit -- :-( This Universe is buggy! Where's the Creator's BTS? ;-) ...................................................................... Francesco Poli GnuPG Key ID = DD6DFCF4 Key fingerprint = C979 F34B 27CE 5CD8 DC12 31B5 78F4 279B DD6D FCF4
pgpRdk6MiGmMT.pgp
Description: PGP signature
_______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/secure-testing-team
