thr3ads.net - Secure testing team - [Secure-testing-team] Question about CVE not appearing in the tracker [Sep 2006]

If this information is useful, please help other people find it:
Share via:

Stefan Fritsch

2006-Sep-05 20:31 UTC

[Secure-testing-team] Question about CVE not appearing in the tracker

Hi,

there is in CVE/list:

CVE-2006-4031 (MySQL 4.1 ...)
        - mysql-dfsg-5.0 5.0.24-1 (bug #382415; low)
        - mysql-dfsg <removed> (bug #380271; low)
        [sarge] - mysql-dfsg-4.1 <no-dsa> (Now ...)
        [sarge] - mysql-dfsg <no-dsa> (Now ...)

and I would expect that this would mark mysql-dfsg-4.1 as vulnerable 
in sarge, but with a "*" for no-dsa. However at [1], 
CVE-2006-4031 does not appear for mysql-dfsg-4.1 at all. Is this a bug 
in the tracker or do I misunderstand something?

Cheers,
Stefan

[1] http://security-tracker.debian.net/tracker/status/release/stable
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url :
http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20060905/b208d81a/attachment.pgp

Secure testing team - Sep 2006 - Question about CVE not appearing in the tracker

[Secure-testing-team] Question about CVE not appearing in the tracker