[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: try to fix CVE-2012-4528

Hi Matteo,

On Thu, Jun 05, 2014 at 11:25:23PM +0200, matteo filippetto wrote:
> 2014-06-05 14:42 GMT+02:00 matteo filippetto <matteo.filippetto@gmail.com>:
> >>
> >> I'm following https://wiki.debian.org/BuildingTutorial
> >> to fix https://security-tracker.debian.org/tracker/CVE-2012-4528
> >>
> 
> So,
> 
> I manage to create the patch (see attachment).
> 
> This is my first debdiff patch and I'm still learning so it could be
> full of mistakes.

I can't speak to the content of the changes themselves (as to whether or not
they fix the security hole), but the packaging changes look OK.  If you'd
like, you can create a patched package and put it up somewhere, and I'll
review it for you.  If you need someone to upload, give me a description of
the testing you've done with the fixed package, and if it's been
well-tested, I'll upload it (and send the announcement in your name).

(I'm about to go away for a few days; I'm expecting to have Internet
connectivity and plenty of free time, but in case I don't, that's why I
might not be real responsive until Tuesday.  If I'm incommunicado and
someone else helps you out in the meantime, I won't be offended.  <grin>)

- Matt
Reply to: