Arne mentioned
http://security-tracker.debian.org/tracker/CVE-2010-2055
and in there, I see:
- Bug #592569 is referenced. Surely wrong: that CVE pre-dates my
request to make -dSAFER the default, was about -P- and similar.
- "experimental 9.00~dfsg-2 vulnerable" whereas bugs #584653 and
#58
So, to clarify, does that mean that this 6 month old [1] security problem
which was deemed too difficult to fix by the stable security team [2] will
be around for the next 2 years because the only available fix does not make
it into stable? [3]
[1] http://www.securityfocus.com/archive/1/511433
[2]
2 matches
Mail list logo
