Comment 1 for bug 1444363

Seth Arnold (seth-arnold) wrote :

Hello,

Please note that Ubuntu, much like Debian, SuSE, and Red Hat, backports security fixes to the versions that we have shipped, so comparing version numbers alone isn't a reliable way to determine which vulnerabilities, if any, are still open for a given package. For more information, see our FAQ and Debian's FAQ entries (the Debian FAQ doesn't apply directly, but I like this specific entry): https://wiki.ubuntu.com/SecurityTeam/FAQ#Versions and https://www.debian.org/security/faq#version

You can see that this CVE is still not handled yet:
http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-2155.html
and that tcpdump has several more known security issues that need to be fixed:
http://people.canonical.com/~ubuntu-security/cve/pkg/tcpdump.html

Our CVE tracking database can be queried at http://people.canonical.com/~ubuntu-security/cve/

We can't fix every issue immediately, and we have to prioritize our work based on the severity of the issue, how common the tools are, how much user interaction might be necessary to make exploits work, etc.

Thanks