Package: libsdl-image1.2 Version: 1.2.5-2+b1 Severity: grave Justification: user security hole Tags: security
I am unsure where the error is, please reassign appropriately.
On Feb. 10th I got the mail about DSA 1493-1. I also "see" this DSA:
remaxp:~# env LANG=C apt-cache policy libsdl-image1.2
libsdl-image1.2:
Installed: 1.2.5-2+b1
Candidate: 1.2.5-2+b1
Version table:
*** 1.2.5-2+b1 0
500 http://127.0.0.1 etch/main Packages
100 /var/lib/dpkg/status
1.2.5-2etch1 0
500 http://127.0.0.1 etch/updates/main Packages
But as you can see, it is not going to be installed:
remaxp:~# env LANG=C apt-get install libsdl-image1.2
Reading package lists... Done
Building dependency tree... Done
libsdl-image1.2 is already the newest version.
0 upgraded, 0 newly installed, 0 to remove and 1 not upgraded.
Thus CVE-2007-6697 and CVE-2008-0544 are not yet fixed.
-- System Information:
Debian Release: 4.0
APT prefers stable
APT policy: (500, 'stable')
Architecture: amd64 (x86_64)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.19.2-grsec-cz01
Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=ISO-8859-15)
Versions of packages libsdl-image1.2 depends on:
ii libc6 2.3.6.ds1-13etch4 GNU C Library: Shared libraries
ii libpng12-0 1.2.15~beta5-1 PNG library - runtime
ii libsdl1.2debian 1.2.11-8 Simple DirectMedia Layer
ii zlib1g 1:1.2.3-13 compression library - runtime
libsdl-image1.2 recommends no packages.
-- no debconf information
--
Dr. Helge Kreutzmann [EMAIL PROTECTED]
Dipl.-Phys. http://www.helgefjell.de/debian.php
64bit GNU powered gpg signed mail preferred
Help keep free software "libre": http://www.ffii.de/
signature.asc
Description: Digital signature

