On Tue, Sep 13, 2011 at 02:14:24AM +0200, Javier Fernandez-Sanguino wrote:
> On 12 September 2011 19:12, Moritz Muehlenhoff <[email protected]> wrote:
> > Please see http://seclists.org/oss-sec/2011/q3/429 for details.
>
> I will review the fix and apply (or backport it) to the openvas-server
> (2.x series in unstable) and the openvas-scanner (3.x series in
> experimental).
Thanks for your verbose analysis.
> Moritz, do you believe this bug merits a DSA? Please let me know, I
> can also provide compiled packages for Wheezy if needed be.
No, this doesn't warrant a DSA. We can either postpone it until a more
severe OpenVAS issue is found we it can be fixed through a point update.
I'm adding Jonathan Wiltshire to CC. He's coordinating the minor
security fixes, which get fixed through stable-proposed-updates.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]