On Sat, Feb 05, 2011 at 02:20:14PM -0500, Michael Gilbert wrote: > Note that a new CVE id (CVE-2011-0536) has been assigned for a > vulnerability introduced by the patches for cve-2010-3847 [0]. It > sounds like this affects the recent DSAs. Please take a look at the > code and figure out what needs to be done to resolve these three > issues: CVE-2010-3847, CVE-2010-3856, CVE-2011-0536. >
I think CVE-2011-0536 corresponds to the Debian and Ubuntu bug, which didn't apply the correct patchset on the first security fix. -- Aurelien Jarno GPG: 1024D/F1BCDB73 [email protected] http://www.aurel32.net -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
