On Tue, Nov 23, 2004 at 03:15:17PM -0500, Joey Hess wrote: > Over the past couple of weeks the testing security team has reviewed all > CAN and CVE entries announced since the release of woody, to check which > of these security holes are still present in sarge. Adding this to the > earlier work to review DSAs, we now have a pretty good picture of > unfixed security holes in sarge, and can be reasonably sure that there > are no old forgotten security holes that never got a fix into sarge. Although > it's always possible we missed some or made mistakes, and we still have 50 > or so items marked TODO or HELP. > > We checked about 2700 items, of these about 600 had affected Debian at > some point, and 26 remain unfixed in sarge:
I will take care of the NMU candidates at the BSP weekend if not fixed until then. Gruesse, -- Frank Lichtenheld <[EMAIL PROTECTED]> www: http://www.djpig.de/
