Bug#776186: busybox: CVE-2014-9645
04.03.2015 19:10, Cyril Brulebois wrote:
> Looking at the just uploaded -15, I don't understand what you tried to
> do there.
I didn't upload -15, I just tried to clean up what's left
before I retire, and - unintentionally - pushed things to
git.d.o. It was my mistake. More, we have 2 branches, one
master and one debian-unstable, I now don't remember anymore
which is which, my local debian-unstable was set to track
master, yet the d-unstable changes were in debian-unstable
branch, not in master branch.
Now, since you apparently pulled the changes already, should
I keep it this (unreleased but committed) way, or should I
push -f without my last changes?
> In the meanwhile I had been included Michael's proposed fix for
> CVE-2014-9645 aka. #776186, as opposed to CVE-2014-4607 aka. #768945,
> and successfully testing it in a d-i context.
>
> Since you updated the master branch with what got uploaded, I've pushed
I updated debian-unstable branch long time ago. I don't remember
why I didn't use master, -- probably because previous maintainer
left it that way, when all development happens in debian-unstable
branch not in master branch. It was my mistake. I just wanted
to ensure nothing's left in my local repo before I officially step
out of busybox maintainership.
> my local branch as pu/776186. I have the same changes for the jessie
> branch, and initially planned on first getting stuff into unstable, let
> it be tested for a while there, then consider tpu-ing.
>
> Feel free to incorporate bits of the said branch and upload again to
> unstable; I can then deal with the jessie part later.
I don't understand what you're saying. I created a mess in git repo
today which I didn't want to create, I apologize for that and am asking
for advise about what to do with it. It is not a new upload, I didn't
plan to make uploads really. But I completely lost understanding of
your intentions, -- it was already completely unclear for me why do
you do all this complex things (branching off some earlier revision
rewriting history, etc) when the solution is much much simpler. Now
I don't understand anything at all.
Thanks,
/mjt
Reply to: