* Julien Goodwin: > This should be listed as fixed for etch and sid as well from version > 0.8.6d-1 (First version where adodb code removed from source tarball).
AFAICT, this has been fixed. > Also: > CVE-2006-0456 kernel: strlen_user() DoS on s390 > <http://idssi.enyo.de/tracker/CVE-2006-0456> > - linux-headers-2.6.15-1-686-smp, linux-image-2.6-686-smp, > linux-image-2.6.15-1-686-smp, linux-headers-2.6.15-1, > linux-headers-2.6-686-smp > Would be nice if arch-specific issues (rare as I'm sure they are) could > be hidden if appropriate. We usually track bugs by their source packages. Basically, there are two reasons: The security team creates updates based on them, and binary package names (and versions, or the source package they are built from) can vary from architecture to architecture. I know that this approach has drawbacks, but it's still rather brittle, and I want to fix that before adding extensions to better deal with architecture-specific vulnerabilities. _______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/secure-testing-team
