On Wed, 2 May 2007 23:13:30 +0200 Stefan Fritsch <[EMAIL PROTECTED]> wrote:
> Hi, > > On Mittwoch, 2. Mai 2007, Celejar wrote: > > Dann Frazier <[EMAIL PROTECTED]> wrote: > > > Package : linux-2.6 > > > Vulnerability : several > > > Problem-Type : local/remote > > > Debian-specific: no > > > CVE ID : CVE-2007-0005 CVE-2007-0958 CVE-2007-1357 > > > CVE-2007-1592 > > > 1) DSA 1286-1 isn't (yet) on the Debian Security page [0]. I assume > > this means that the advisories are mailed first and subsequently > > added to the website? > > Yes. > > > 2) The advisory doesn't mention unstable, but three of the four > > CVEs affect kernels up to 2.6.21, which would include 2.6.20 in > > unstable. Will there be an advisory mentioning unstable? > > No, the fixes will just be (or already have been) uploaded to > unstable. > > You can get more up-to-date information from the security tracker: > > http://security-tracker.debian.net/tracker/CVE-2007-0005 > ... > http://security-tracker.debian.net/tracker/status/release/unstable > > The information there shows that the issues are already fixed in > 2.6.20-1. > > Look at the debsecan package. It can notify you about security issues > in unstable automatically. > > Cheers, > Stefan Thanks very much for the information. Celejar -- mailmin.sourceforge.net - remote access via secure (OpenPGP) email ssuds.sourceforge.net - A Simple Sudoku Solver and Generator -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
