Thomas Wana wrote:
> > Just like to bring bug #350964 back to the limelight. Briefly recapping
> >
> > Feb 2, I created the bug report
> > Feb 6, unstable fixed by Thomas
> > Feb 13 DSA 969-1 released
> > Feb 15 I questioned if sarge fixed, Thomas, Joey and Steve respond/discuss.
> >
> > At the moment it looks like Thomas is suggesting that DSA 969 didn't fix
> > this bug, but did fix another bug, the CVE mentioned in the DSA.
> >
> > I don't know if Thomas is saying this based on the text of the DSA, or
> > if he compared the actual package to the patch he suggested. It would be
> > great to get confirmation that either the DSA did fix this bug, or that
> > another DSA might be needed.
>
> I didn't check the CVE numbers now, but the current package in stable/
> testing/unstable fixes both critical bugs that were discovered in scponly.
Confirmed, I checked the sources. The fix for CVE-2005-4533 is included in
DSA-969, I've added the CVE ID to the web overview, so this bug can be closed.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
