Re: moin 1.5.3-1.2etch1 and CVE-2006-0658
Hi,
Jim Popovitch wrote:
> I'm seeing some inconsistencies floating around and reaching out here
> for some clarification.... ;-)
>
> According to this source
> http://idssi.enyo.de/tracker/CVE-2006-0658
> Etch "package moin is vulnerable".
>
> However there is no mention of it here:
> http://bugs.debian.org/cgi-bin/pkgreport.cgi?src=moin.
> Is there a vulnerable bug or not?
Thanks for pointing that out. moin in stable isn't affected, so I've updated the
database accordingly (the tracker should reflect this change in a couple of
minutes).
>
> Further, apt reports:
>
> Package moin is not available, but is referred to by another package.
> This may mean that the package is missing, has been obsoleted, or
> is only available from another source
> However the following packages replace it:
> moinmoin-common
>
That's because moin is the source package name, see: apt-cache showsrc moin
Cheers,
--
Raphael Geissert - Debian Maintainer
www.debian.org - get.debian.net
Reply to: