Discussion:
Bug#905304: security-tracker: DSA-4259-1 vs. tracker
Francesco Poli (wintermute)
2018-08-02 20:00:31 UTC
Permalink
Package: security-tracker
Severity: normal

Hello!

According to [DSA-4259-1], ruby2.3/2.3.3-1+deb9u3 fixes a number of
vulnerabilities, among which CVE-2017-17405, CVE-2017-17742,
CVE-2017-17790, and CVE-2018-6914.

However, the tracker pages for [CVE-2017-17405], [CVE-2017-17742],
[CVE-2017-17790], and [CVE-2018-6914] seem to disagree.

Is the tracker wrong?
Please update the tracker data, then.

Is the DSA wrong?
Please clarify (I searched in the tracker commit history on Salsa,
but I failed to find any explicit explanation about this
discrepancy...).

Thanks for your time!

[DSA-4259-1]: <https://lists.debian.org/debian-security-announce/2018/msg00188.html>
[CVE-2017-17405]: <https://security-tracker.debian.org/tracker/CVE-2017-17405>
[CVE-2017-17742]: <https://security-tracker.debian.org/tracker/CVE-2017-17742>
[CVE-2017-17790]: <https://security-tracker.debian.org/tracker/CVE-2017-17790>
[CVE-2018-6914]: <https://security-tracker.debian.org/tracker/CVE-2018-6914>
Debian Bug Tracking System
2018-08-02 20:30:06 UTC
Permalink
Your message dated Thu, 2 Aug 2018 22:28:12 +0200
with message-id <***@eldamar.local>
and subject line Re: Bug#905304: security-tracker: DSA-4259-1 vs. tracker
has caused the Debian Bug report #905304,
regarding security-tracker: DSA-4259-1 vs. tracker
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ***@bugs.debian.org
immediately.)
--
905304: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=905304
Debian Bug Tracking System
Contact ***@bugs.debian.org with problems
Loading...