[Secure-testing-commits] r30711 - data/DLA
Raphaël Hertzog
hertzog at moszumanska.debian.org
Fri Dec 12 14:32:15 UTC 2014
Author: hertzog
Date: 2014-12-12 14:32:15 +0000 (Fri, 12 Dec 2014)
New Revision: 30711
Modified:
data/DLA/list
Log:
DLA-100-1 actually fixed CVE-2014-9116 and not CVE-2014-0467
CVE-2014-0467 had already been fixed by DSA 2874-1 with version
1.5.20-9+squeeze3.
The Debian changelog entries (both in 1.5.21-6.2+deb7u3 and
in 1.5.20-9+squeeze4) contain a bad CVE number that lead to this
mixup. The entry has been fixed in git:
http://anonscm.debian.org/cgit/pkg-mutt/mutt.git/commit/?h=wheezy-updates&id=5bd634e118fadacec9ee45d5a7959eb95efdc6a2
Modified: data/DLA/list
===================================================================
--- data/DLA/list 2014-12-12 14:32:13 UTC (rev 30710)
+++ data/DLA/list 2014-12-12 14:32:15 UTC (rev 30711)
@@ -17,7 +17,7 @@
{CVE-2014-9029}
[squeeze] - jasper 1.900.1-7+squeeze2
[05 Dec 2014] DLA-100-1 mutt - security update
- {CVE-2014-0467}
+ {CVE-2014-9116}
[squeeze] - mutt 1.5.20-9+squeeze4
[05 Dec 2014] DLA-99-1 flac - security update
{CVE-2014-8962 CVE-2014-9028}
More information about the Secure-testing-commits
mailing list