Re: Upload of dpkg 1.15.5.7 to sid?

To: debian-dpkg@lists.debian.org
Subject: Re: Upload of dpkg 1.15.5.7 to sid?
From: Raphael Hertzog <hertzog@debian.org>
Date: Thu, 11 Mar 2010 11:06:26 +0100
Message-id: <20100311100626.GB427@rivendell>
Mail-followup-to: debian-dpkg@lists.debian.org
In-reply-to: <871vfrz2dm.fsf@turtle.gmx.de>
References: <871vfrz2dm.fsf@turtle.gmx.de>

Hi,

On Thu, 11 Mar 2010, Sven Joachim wrote:
> since the upcoming 1.15.6 release is supposed to be targeted at
> experimental, I think it would be a good idea to fix the recently
> spotted path traversal/symlink vulnerabilities of dpkg-source in sid as
> well.

Well, it should not stay in experimental for too long IMO. And the the
security issue is minor when dpkg-source is not employed in some automatic
setup (dak setup for example).

So I think we can avoid that sid upload.

On the other hand, I wonder what to do with further work and translations.
It's likely that 1.15.6 is the last major update to sid targetting
squeeze. So when do we switch to "freeze mode" where translations are
updated in the sid/squeeze branch and where master points to the next
version 1.16.x ?

Cheers,
-- 
Raphaël Hertzog

Like what I do? Sponsor me: http://ouaza.com/wp/2010/01/05/5-years-of-freexian/
My Debian goals: http://ouaza.com/wp/2010/01/09/debian-related-goals-for-2010/

Reply to:

References:
- Upload of dpkg 1.15.5.7 to sid?
  - From: Sven Joachim <svenjoac@gmx.de>

Prev by Date: Upload of dpkg 1.15.5.7 to sid?
Next by Date: Re: [PATCH] Use FIEMAP to sort .list files before scanning
Previous by thread: Upload of dpkg 1.15.5.7 to sid?
Next by thread: Re: [PATCH] Use FIEMAP to sort .list files before scanning
Index(es):
- Date
- Thread