Bug#513022: Possible security flaw in ad-hoc probe request processing

[Ben Hutchings <ben@decadent.org.uk>]

On Thu, Jan 29, 2009 at 09:17:26AM +0100, Bastian Blank wrote:
> On Thu, Jan 29, 2009 at 02:26:56AM +0000, Ben Hutchings wrote:
> > This ought to be fixable by a binNMU, but linux-modules-contrib-2.6 is
> > not binNMU-safe.  And rebuilding it properly in unstable will add new
> > binary packages for the vserver flavour.  Perhaps a testing-security
> > upload is in order.
> 
> Both testing and unstable have the same version of linux-2.6, it will
> not change anything.

Ah, I didn't realise linux-support-2.6.x is also built from linux-2.6.

> > I did at least find the magic runes to add a build-dependency on the
> > fixed version of rt73-source:
> 
> > +[relations]
> > +source: rt73-source (>= 1:1.0.3.6-cvs20080623-dfsg1-3)
> 
> This is not the way such things are handled in Debian.
 
Perhaps you should get on with handling this the way you want to, or
even *documenting* the build system, rather than telling me how not to
do it.

Ben.

-- 
Ben Hutchings
Who are all these weirdos? - David Bowie, about L-Space IRC channel #afp