[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#626003: pu: package qemu-kvm/0.12.5+dfsg-5+squeeze2 (+squeeze3?)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

17.05.2011 00:25, Philipp Kern wrote:
> Hi,
> 
> On Mon, May 09, 2011 at 10:49:51PM +0400, Michael Tokarev wrote:
>> 09.05.2011 22:10, Philipp Kern wrote:
>>> On Mon, May 09, 2011 at 12:44:54PM +0400, Michael Tokarev wrote:
>>>> I forgot to show a debdiff for the request.
>>> Please debdiff the source, not the resulting binary.  And yeah, I marked this
>>> mail as to-do while on the road because the diff was actually missing.  If you
>>> can just attach it to a reply that would be quite helpful.
>> Here it goes.  Thank you!
> 
> sorry for the late reply: please go ahead.

Philipp, you ACKed the changes in qemu-kvm for squeeze already,
but on the way to the archive the package encountered an unrelated
security problem (CVE-2011-1751) which has been fixed by releasing
0.12.5+dfsg-5+squeeze2 with entirely different changes than the
ones we discussed.

So I'm asking again for permission to upload a bugfix release for
squeeze, now +squeeze3 version, with the same changes as planned
and discussed.

The changes are exactly the same except of the version number.
Here's the diff between the version in stable-security and
planned version (I wanted to ask earlier but due to alioth
conversion gitweb didn't work):

http://anonscm.debian.org/gitweb/?p=collab-maint/qemu-kvm.git;a=commitdiff;h=refs/heads/squeeze;hp=refs/heads/squeeze-security

Is it ok to upload this new version?  Should I retitle
#626003 while at it?

Thanks!

/mjt
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iJwEAQECAAYFAk3fRbwACgkQUlPFrXTwyDjCowQAiLJyXj9m6zD+SVw2vRV3n4cf
tQnGA7uLKO4dqrDWFdYZzhcvBIWkbeg6F1ey5ZLIX9GriAo8YvicBhM70dEywZHJ
Y49Omwz/v5yK6G/xP1o2CZ2VjvhCNCPC5QJXybeEN0SRME6hgn/p6SQW9ea2Lzje
k3cQPMzquM9tg7DTc58=
=KNMi
-----END PGP SIGNATURE-----
Reply to: