Hi! I noticed something weird on the security bug tracker[1]. Some vulnerabilities are still listed for testing as fixed in unstable, while the package version that fixes the problem has already migrated from unstable to testing.
For instance, the report[2] for CVE-2007-0981 states: | | iceweasel (PTS) etch 2.0.0.1+dfsg-2 vulnerable | sid 2.0.0.2+dfsg-3 fixed | On the other hand, the testing migration checker[3] says: | | * iceweasel has the same version in unstable and testing | (2.0.0.2+dfsg-3) | and the PTS[4] confirms that iceweasel 2.0.0.2+dfsg-3 migrated to testing on 2007-03-10. What's wrong? [1] http://security-tracker.debian.net/tracker/ [2] http://security-tracker.debian.net/tracker/CVE-2007-0981 [3] http://bjorn.haxx.se/debian/testing.pl?package=iceweasel [4] http://packages.qa.debian.org/i/iceweasel.html P.S.: Please Cc: me on replies, as I am not a list subscriber. Thanks. -- http://frx.netsons.org/progs/scripts/refresh-pubring.html Need to refresh your keyring in a piecewise fashion? ..................................................... Francesco Poli . GnuPG key fpr == C979 F34B 27CE 5CD8 DC12 31B5 78F4 279B DD6D FCF4
pgpHajSA6h4AP.pgp
Description: PGP signature
_______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/secure-testing-team
