Re: Wheezy update of kde4libs?

To: Chris Lamb <lamby@debian.org>, Debian/Kubuntu Qt/KDE Maintainers <debian-qt-kde@lists.debian.org>
Cc: George Kiagiadakis <kiagiadakis.george@gmail.com>, debian-lts@lists.debian.org
Subject: Re: Wheezy update of kde4libs?
From: Maximiliano Curia <maxy@debian.org>
Date: Tue, 19 Jul 2016 17:58:32 +0200
Message-id: <[🔎] 8799728.4QDSRWMAuy@neoptolemo>
In-reply-to: <[🔎] 1468910933.224070.670281145.2871BD95@webmail.messagingengine.com>
References: <[🔎] 1468910933.224070.670281145.2871BD95@webmail.messagingengine.com>

On Tuesday, 19 July 2016 08:48:53 CEST Chris Lamb wrote:
> Hello dear maintainer(s),

> the Debian LTS team would like to fix the security issues which are
> currently open in the Wheezy version of kde4libs:
> https://security-tracker.debian.org/tracker/CVE-2016-6232

> Would you like to take care of this yourself?

I just did the upload to unstable, with the karchive fix from upstream and an 
modified version of that one for kde4libs. The second one needs some test, 
sadly adding the (binary) test file used in karchive is a bit of a burden.

After these packages are available we would need to backport the change to 
stable. Right now, I can't promise that I would have the time to take care of 
this. So volunteers for taking care of this are welcome.

If needed, I'm willing to help anyone working on this.

> If yes, please follow the workflow we have defined here:
> https://wiki.debian.org/LTS/Development

> If that workflow is a burden to you, feel free to just prepare an
> updated source package and send it to debian-lts@lists.debian.org
> (via a debdiff, or with an URL pointing to the source package,
> or even with a pointer to your packaging repository), and the members
> of the LTS team will take care of the rest. Indicate clearly whether you
> have tested the updated package or not.

> If you don't want to take care of this update, it's not a problem, we
> will do our best with your package. Just let us know whether you would
> like to review and/or test the updated package before it gets released.

> Thank you very much.
 
Thanks to you.

> PS: A member of the LTS team might start working on this update at
> any point in time. You can verify whether someone is registered
> on this update in this file:
> https://anonscm.debian.org/viewvc/secure-testing/data/dla-needed.txt?view=ma
> rkup

Happy hacking,
-- 
"There are two major products that come out of Berkeley: LSD and BSD.
We don't believe this to be a coincidence."
-- Jeremy S. Anderson
Saludos /\/\ /\ >< `/

Attachment: signature.asc
Description: This is a digitally signed message part.

Reply to:

Follow-Ups:
- Re: Wheezy update of kde4libs?
  - From: Brian May <bam@debian.org>

References:
- Wheezy update of kde4libs?
  - From: Chris Lamb <lamby@debian.org>

Prev by Date: Re: CVE-2016-6232 / kdelibs4
Next by Date: Re: Wheezy update of kde4libs?
Previous by thread: Wheezy update of kde4libs?
Next by thread: Re: Wheezy update of kde4libs?
Index(es):
- Date
- Thread