[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Preparation of Debian GNU/Linux 3.0r3



Matt Zimmerman wrote:
[..]

Thanks a lot for the comments and uploads.

> > kaffe       stable    1:1.0.5e-0.4  arm
> > kaffe       stable    1:1.0.5e-0.5  alpha i386 m68k sparc source
> > kaffe       updates   1:1.0.5e-1    i386 source
> > 
> > 	* Fixed a problem detecting time.h during build, source wouldn't compile.
> > 
> > 	* Changed temporary file name allocation to use mktemp in the kaffe wrapper
> > 	  for security reasons, closes: #191866
> > 
> > 	TODO: Review the changes
> 
> The tempfile changes, as I recall, were extremely obscure, kaffe doesn't
> really build at all on stable, and hasn't for quite some time.

Thanks, will reject.

> > nd          stable    0.5.0-1        alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
> > nd          updates   0.5.0-1woody1  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
> > 
> > 	DSA 412 nd - buffer overflows
> 
> Why does this require further investigation?

Oops, bug.  Fixed.  Moved to accept.  I just forgot to move the file around.

> > phpmyadmin  stable    2.2.3-1          all source
> > phpmyadmin  updates   2.5.2-1woody2.1  all source
> > 
> > 	* Stable security backport, closes: #203233.
> > 
> > 	* The upstream also fixes XSS vulnerabilities, information
> > 	  encoding weakness and transversal directory attack. This was
> > 	  mentioned in Debian.NEWS file only, not changelog.Debian file.
> > 	  See http://www.securityfocus.com/archive/1/325641. Closes: #203092.
> > 
> > 	* CVS fix: another patch for path disclosure problem.
> > 
> > 	* CVS fix: a user could not edit his own global privileges.
> 
> This isn't a backport; the maintainer just uploaded the unstable version to
> stable.  It includes a slew of unrelated changes, and is not acceptable for
> stable.  And since it's already accepted to proposed-updates, we can't
> upload a proper backport either.

Thanks, will reject.

Regards,

	Joey

-- 
The MS-DOS filesystem is nice for removable media.  -- H. Peter Anvin

Please always Cc to me when replying to me on the lists.



Reply to: