reopen 600667 thanks Maybe I'm reading things wrong, or maybe Mitre's information is actually incorrect, but it looks like the fixes claimed for CVE-2010-3847 in 2.11.2-8 actually address CVE-2010-3856 [0] instead. It looks like CVE-2010-3847 [1] is still unfixed. The original fix in -7 may have been correct to begin with?
Best wishes, Mike [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3856 http://sourceware.org/ml/libc-hacker/2010-10/msg00010.html [1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3847 http://sourceware.org/ml/libc-hacker/2010-10/msg00007.html -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
