* Matthew Gabeler-Lee: > Today debsecan alerted me about CVE-2013-1824 (a php5 issue). Based on the > PTS page for php5 and my system update schedule, I can say with near > certainty that I installed the fixed version of php5 more than two weeks > before it sent the report. Even if I'm mistaken on the two weeks, I > certainly had installed the fixed version before the report was generated.
The fact that CVE-2013-1824 was fixed in an older DSA was only recorded yesterday. As a a result, there was an unfixed -> fixed transition. I suppose it should be possible to suppress reporting it in cases where the version number does not actually change. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
