Re: [SRM] proposed update backuppc for squeeze
On Wed, 2012-01-11 at 20:39 +0100, Thijs Kinkhorst wrote:
> I propose attached NMU for backuppc for squeeze. This is meant to address
> #654692, a bug where backuppc produces corrupted tarballs. For me this
> data corruption is important enough to want to fix it in squeeze.
> The bug was introduced in a Debian-specific patch, and
> oldstable/testing/unstable are not affected.
> I've taken the opportunity to include a "no-DSA" XSS fix.
Given that the affected logging code was apparently removed in the
upload immediately following that in Squeeze and the other issues are
fixed in unstable, I'd be happy for you to go ahead with this upload;
However, the version information for the logging-related bugs, to be
candid, sucks. Firstly, please add a fixed version to #654692 (I assume
"3.1.0-10" judging from the log). #558431's status is also rather
confused. It appears that -10 was never uploaded directly to the
archive and the upload including the fix didn't use -v, so the bug was
never marked as fixed. I'm also somewhat confused as to why it's tagged
"lenny" given that you indicated that oldstable doesn't include the
(As a side note, the "squeeze" tag on #654692 is also redundant. The
affected version is only in stable, so BTS version tracking will do the
right thing anyway, without the addition of any suite tags.)