This one time, at band camp, Joey Hess said: > If this bug is not fixed in 0.86.1, why was it marked as fixed in that > version by the mail at > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=316401&msg=48 ? > > Just trying to track this stuff, and now very confused.
At the time I wrote the mail that it wasn;t fixed in 0.86.1, I was confused. I looked at the CVE, and saw that the code in question had not changed, so I assumed the bug was still present. The reality of the situation is that the way that function was called was changed in 0.86.1, fixing the bug. So, it was my mistake, basically, and it was closed with 0.86.1. I have notes to that effect in the changelog locally, to make this tracking easier for you in the future, but I have not yet uploaded. Whenever we get CAN's for the last round of vulnerabilities, I will put them in as well. Thanks, -- ----------------------------------------------------------------- | ,''`. Stephen Gran | | : :' : [EMAIL PROTECTED] | | `. `' Debian user, admin, and developer | | `- http://www.debian.org | -----------------------------------------------------------------
signature.asc
Description: Digital signature
