Package: security-tracker Severity: normal Hi everyone!
DSA-3464-1 [1] states that several vulnerabilities are fixed in rails/2:4.2.5.1-1 for sid, but the tracker claims that two of them [2][3] are still unfixed in sid. Is the DSA wrong or should the tracker data be updated? Please clarify, thanks for your time! [1] https://lists.debian.org/debian-security-announce/2016/msg00034.html [2] https://security-tracker.debian.org/tracker/CVE-2015-3226 [3] https://security-tracker.debian.org/tracker/CVE-2015-3227
