Re: try to fix CVE-2012-4528
On Thu, Jun 05, 2014 at 11:25:23PM +0200, matteo filippetto wrote:
> 2014-06-05 14:42 GMT+02:00 matteo filippetto <firstname.lastname@example.org>:
> >> I'm following https://wiki.debian.org/BuildingTutorial
> >> to fix https://security-tracker.debian.org/tracker/CVE-2012-4528
> I manage to create the patch (see attachment).
> This is my first debdiff patch and I'm still learning so it could be
> full of mistakes.
I can't speak to the content of the changes themselves (as to whether or not
they fix the security hole), but the packaging changes look OK. If you'd
like, you can create a patched package and put it up somewhere, and I'll
review it for you. If you need someone to upload, give me a description of
the testing you've done with the fixed package, and if it's been
well-tested, I'll upload it (and send the announcement in your name).
(I'm about to go away for a few days; I'm expecting to have Internet
connectivity and plenty of free time, but in case I don't, that's why I
might not be real responsive until Tuesday. If I'm incommunicado and
someone else helps you out in the meantime, I won't be offended. <grin>)