Re: Cinnamon security issue caused by segfault in caribou (as regression of xorg CVE-2020-25712 fix)
Hi Fabio,
On Sat, 16 Jan 2021, Fabio Fantoni wrote:
> Yesterday not seeing any answer on debian I prepared a MR on caribou
> that solves the problem:
> https://salsa.debian.org/gnome-team/caribou/-/merge_requests/2
>
> I already tested tested build
> (http://debomatic-amd64.debian.net/distribution#unstable/caribou/0.4.21-7.1~/buildlog
> <http://debomatic-amd64.debian.net/distribution#unstable/caribou/0.4.21-7.1~/buildlog>),
> installed and verified that issue is not reproducible anymore.
>
> I should do other things to make possible apply it ASAP?
Please do
* send an email to the bug report clearly stating that you will NMU
this, and attach the debdiff (nmudiff)
State that you will upload directly (without delay) after 7 days
according to https://www.debian.org/doc/manuals/developers-reference/pkgs.html#nmu
* wait and hope
OR:
* upload *now* to DELAY/9
* write to the bug report that according to (above link), after 7 days
of no activity a 0-delay is fine, and even if there is activity
a delay/2 is fine - that gives in sum at max a delay/9
That way we can do that now and forget about it ;-)
If you need the actual upload done, please prepare the package and send
me either a dget-able .dsc source, or the package.
Best
Norbert
--
PREINING Norbert https://www.preining.info
Accelia Inc. + IFMGA ProGuide + TU Wien + JAIST + TeX Live + Debian Dev
GPG: 0x860CDC13 fp: F7D8 A928 26E3 16A1 9FA0 ACF0 6CAC A448 860C DC13
Reply to: