Hi László, hi Santiago, On Di 26 Mai 2015 21:33:01 CEST, László Böszörményi (GCS) wrote:
Hi Santiago, On Tue, May 26, 2015 at 6:42 PM, Santiago Ruano Rincón <santiagorr@riseup.net> wrote:Please find the attached dpatch to prevent CVE-2015-3202 in squeeze. It makes lib/mount_util.c use execle instead of execl to run external helpers. Please, let me know if you want me to upload a patched package, or if you want to do it by yourself.I can do it myself, I've the build system for Squeeze as well. My only question if it should be an NMU or am I allowed to change the maintainer? At least the former would be a bit strange for me as I'm the actual maintainer, why should I NMU it?
@László: Just a heads up from the LTS team... Will you be doing the upload of fuse to squeeze-lts in the next days or do you need assistance with it (e.g. the actual upload, but also: writing the DLA mail, handle the update of the secure-testing SVN repo, etc.)?
@Santiago: please put your name in data/dla-needed.txt when starting to work on an LTS package update. I put my name in for fuse yesterday and realized just now, that you already started working on fuse for squeeze-lts (which is great!!!).
Regards, Mike -- DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148 GnuPG Key ID 0x25771B31 mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb
Attachment:
pgpPSamgfUvgN.pgp
Description: Digitale PGP-Signatur