Re: CAN-2005-1920: information leak in kate / kwrite
* Martin Schulze [Sat, 23 Jul 2005 18:17:48 +0200]:
> Hi,
Hi Martin,
> did you notice <http://www.kde.org/info/security/advisory-20050718-1.txt>?
Yes.
> I'm building an update for sarge now. Can you tell me which version
> of the package will have the fix included in sid?
No, we really can't tell. The upload that will fix this is quite far
away, because it depends on several other libraries (Qt, aRts, kdelibs)
doing its C++ ABI transition first. With this timespan, it'd be hard
to predict the version number (we still don't know whether it'll be
KDE 3.4.1 or 3.4.2, go figure).
If you want to mention something about sid in the advisory, perhaps
you could go with something similar to "This issue has been fixed in
kate 3.4.1-1, available from experimental. Packages based on this
version will be uploaded to unstable as soon as the necessary
libraries have made their C++ ABI transition."
Thanks for your interest,
--
Adeodato Simó
EM: asp16 [ykwim] alu.ua.es | PK: DA6AE621
Algebraic symbols are used when you do not know what you are talking about.
-- Philippe Schnoebelen
Reply to: