Re: Bug#626844: pu: package kdenetwork/4:4.4.5-2+squeeze1

To: debian-release@lists.debian.org
Subject: Re: Bug#626844: pu: package kdenetwork/4:4.4.5-2+squeeze1
From: Moritz Mühlenhoff <jmm@inutil.org>
Date: Mon, 16 May 2011 18:52:08 +0200
Message-id: <[🔎] slrnit2lho.36q.jmm@inutil.org>
References: <20110515201735.989.76628.reportbug__4877.68550306118$1305490884$gmane$org@mdxdesktop.lan.vainius.eu>

Modestas Vainius <modax@debian.org> schrieb:
> This is a multi-part MIME message sent by reportbug.
>
>
> --===============6863449079706666967==
> Content-Type: text/plain; charset="us-ascii"
> MIME-Version: 1.0
> Content-Transfer-Encoding: 7bit
> Content-Disposition: inline
>
> Package: release.debian.org
> Severity: normal
> User: release.debian.org@packages.debian.org
> Usertags: pu
>
> Hello,
>
> [ Disclaimer: I've already asked security team about this upload and they told
> me to do it via s-p-u ]
>
> This upload would contain a patch that improves fix for CVE-2010-1000.
> Change-by-change details are below while full diff is attached.
>
> * Add cve_2010_1000_directory_traversal.diff, note that CVE-2010-1000 was
>   already fixed, but this patch performs a better protection against that
>   vulnerability.
>
>   http://git.debian.org/?p=pkg-kde/kde-sc/kdenetwork.git;a=commit;h=f18dc

FYI, the incomplete patch has been assigned CVE-2011-1586.

Cheers,
        Moritz

Reply to:

Prev by Date: Re: HDF5 Transition
Next by Date: Re: SAT based britney
Previous by thread: Processed: Re: Bug#626844: pu: package kdenetwork/4:4.4.5-2+squeeze1
Next by thread: Bug#626845: pu: package qt4-x11/4:4.6.3-4+squeeze1
Index(es):
- Date
- Thread