Hi, On Thu, Oct 13, 2022 at 02:57:58PM +0000, Gallet Lilian wrote: > Hello. > > > In security-tracker, for CVE-2022-2625, it's noted that this vulnerability is > NOT fixed in Debian 11, version 13.8-0+deb11u1. > https://security-tracker.debian.org/tracker/CVE-2022-2625 > > But, in the changelog of 13.8-0+deb11u1 version, it's noted that this > vulnerability is fixed. > https://metadata.ftp-master.debian.org/changelogs//main/p/postgresql-13/postgresql-13_13.8-0+deb11u1_changelog > > In the news of 10-september, it's noted that this vulnerability is fixed. > https://www.debian.org/News/2022/2022091002 > > So, where is the truth ?
Thank you, the security-tracker metadata on it was wrong and it is now fixed. Regards, Salvatore
