Secure testing team - Mar 2007 - Is the security bug tracker up-to-date?

Hi!

I noticed something weird on the security bug tracker[1].
Some vulnerabilities are still listed for testing as fixed in unstable,
while the package version that fixes the problem has already migrated
from unstable to testing.

For instance, the report[2] for CVE-2007-0981 states:

|
| iceweasel (PTS)    etch  2.0.0.1+dfsg-2  vulnerable
|                    sid   2.0.0.2+dfsg-3  fixed
|

On the other hand, the testing migration checker[3] says:

|
| * iceweasel has the same version in unstable and testing
| (2.0.0.2+dfsg-3) 
|

and the PTS[4] confirms that iceweasel 2.0.0.2+dfsg-3 migrated to
testing on 2007-03-10.

What''s wrong?

[1] http://security-tracker.debian.net/tracker/
[2] http://security-tracker.debian.net/tracker/CVE-2007-0981
[3] http://bjorn.haxx.se/debian/testing.pl?package=iceweasel
[4] http://packages.qa.debian.org/i/iceweasel.html


P.S.: Please Cc: me on replies, as I am not a list subscriber.  Thanks.


-- 
 http://frx.netsons.org/progs/scripts/refresh-pubring.html
 Need to refresh your keyring in a piecewise fashion?
..................................................... Francesco Poli .
 GnuPG key fpr == C979 F34B 27CE 5CD8 DC12  31B5 78F4 279B DD6D FCF4
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url :
http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20070312/92492928/attachment.pgp

* Francesco Poli:
> For instance, the report[2] for CVE-2007-0981 states:
>
> |
> | iceweasel (PTS)    etch  2.0.0.1+dfsg-2  vulnerable
> |                    sid   2.0.0.2+dfsg-3  fixed
> |
>
> On the other hand, the testing migration checker[3] says:
>
> |
> | * iceweasel has the same version in unstable and testing
> | (2.0.0.2+dfsg-3) 
> |
It turned out that this was the result of a strange interaction of
various cron jobs.  After watching things for a couple of days, I
think it''s fixed now.