Re: How to deal with wireshark CVE affecting Squeeze
Hi Balint,
On Tue, 14 Apr 2015, Bálint Réczey wrote:
> I have prepared the DLA and uploaded the fixed package but it ended up in NEW.
> Dear FTP Masters, please accept it.
FTR the package has been accepted on the same day. However I have not seen
DLA-198-1 on debian-lts-announce@l.d.o (did your forget to sign it?).
I just noticed that the DLA data had two small mistakes:
- it said version 1.2.11-6+squeeze15 instead of 1.8.2-5wheezy15~deb6u1
- CVE-2015-0562 was missing from the list of fixed CVE
I fixed both of those in the security tracker, you might want
to fix them in your announce before sending it to
debian-lts-announce@l.d.o.
> I would like to wait with that, since there was a lot of back and
> forth changes already. :-)
Sure, as long as you don't forget about it. :)
Cheers,
--
Raphaël Hertzog ◈ Debian Developer
Support Debian LTS: http://www.freexian.com/services/debian-lts.html
Learn to master Debian: http://debian-handbook.info/get/
Reply to: