[VIM] Bitten by Mantis?
security curmudgeon
jericho at attrition.org
Wed Aug 24 17:55:46 EDT 2005
: For those who operate at a low level of detail for your vuln reports,
: watch out for the recent Mantis bugs. The Mantis changelog at
: http://www.mantisbt.org/changelog.php and Debian's "diff" file have
: inconsistencies regarding what was, or was not, fixed. Only 1 out of 4
: separate bugs seems to be covered by both Debian and the original Mantis
: developers. I have an inquiry into Debian for clarification, since it's
: not clear which issues CAN-2005-2557 should deal with.
I noticed this when creating four entries for OSVDB. Two of the four have
corresponding changelog that I saw (one was based on a small assumption
due to vague wording, but creditee matched). Two of the issues were not
referenced in the changelog, and only 1 of 4 bugzilla entries referenced
by Secunia were public.
More information about the VIM
mailing list