On Wed, Jun 19, 2013 at 4:35 PM, Kurt Roeckx wrote: > On Wed, Jun 19, 2013 at 06:55:57PM +0000, Roland Karch wrote: >> Indeed I am. And I got it from wheezy: >> >> http://packages.debian.org/wheezy/libtiff4 >> >> >> And me running the version just between those was, well... part of why I >> asked my original question. > > So it seems we have those source packages: > tiff | 3.9.4-5+squeeze8 | squeeze | source > tiff | 3.9.4-5+squeeze9 | squeeze-security | source > tiff | 4.0.2-6 | wheezy | source > tiff | 4.0.2-6+deb7u1 | wheezy-security | source > tiff | 4.0.2-6+nmu1 | jessie | source > tiff | 4.0.2-6+nmu1 | sid | source > tiff3 | 3.9.6-11 | wheezy | source > tiff3 | 3.9.6-11 | jessie | source > tiff3 | 3.9.6-11 | sid | source > > And the update was only for the "tiff" source package, not for the > tiff3 that's also in wheezy. > > The security tracker seems to be missing the information on the > tiff3 source package.
I was not aware that there was a tiff3 source package until just now, but we're starting to triage the situation: https://bugs.debian.org/712840 Best wishes, Mike -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/CANTw=MM5y_=rj3taqpx8t_iwlfsh8uwkgpi32ecjpvj9j8v...@mail.gmail.com
