Re: Bug#584653: CVE-2010-2055

[Moritz Muehlenhoff <jmm@inutil.org>]

On 2010-12-23, Julien Cristau <jcristau@debian.org> wrote:
>
> --C7zPtVaVf+AK4Oqc
> Content-Type: text/plain; charset=iso-8859-1
> Content-Disposition: inline
> Content-Transfer-Encoding: quoted-printable
>
> user release.debian.org@packages.debian.org
> usertag 584653 squeeze-is-blocker
> usertag 584663 squeeze-is-blocker
> kthxbye
>
> On Fri, Dec 17, 2010 at 20:15:19 -0500, Michael Gilbert wrote:
>
>> On Sun, Dec 12, 2010 at 3:31 PM, Michael Gilbert wrote:
>> > On Fri, Dec 10, 2010 at 11:03 PM, Jonas Smedegaard wrote:
>> >> Please do push your changes and prepare a release for unstable. =A0That
>> >> release will not be an NMU, though, but a real release by our team,
>> >> including you!
>> >
>> > I created a new branch and pushed it to git called 8.71-dfsg2-7.
>> > Please review and merge/upload if you feel comfortable with it.
>>=20
>> Do you have any feedback on these changes?  If not, is there anything
>> else I can address thats currently holding this up?  Thanks,
>>=20
> jmm says this needs to be fixed pre-release.  Tagging accordingly and
> Cc:ing debian-devel per the latest release update.
>
> I'll try and go over your changes if there's no progress in the next few
> days.

I'm currently checking Michael's update and will upload once a final
version is available.

Note, there's also a second RC Ghostscript issue wrt printing in GTK.
I don't have a printer, so I can't test it, this will have to be
addressed later once the security issue is fixed.

Cheers,
        Moritz