Hi! It seems to me that the tracker DSA-1310-1 page[1] refers to the wrong CVE number. It currently refers to CVE-2007-2138[2], which does not seem to have anything to do with libexif. The DSA[3] instead refers CVE-2006-4168[4], which is indeed related to libexif. Am I misreading something, or should this datum be fixed?
[1] http://security-tracker.debian.net/tracker/DSA-1310-1 [2] http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2138 [3] http://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00071.html [4] http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-4168 P.S.: Please Cc: me on replies, as I am not a list subscriber. Thanks. -- http://frx.netsons.org/doc/nanodocs/testing_workstation_install.html Need to read a Debian testing installation walk-through? ..................................................... Francesco Poli . GnuPG key fpr == C979 F34B 27CE 5CD8 DC12 31B5 78F4 279B DD6D FCF4
pgpsoZmFtMeGH.pgp
Description: PGP signature
_______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/secure-testing-team
