Re: tre package ready for testing
On 26/10/16 19:43, Antoine Beaupré wrote:
> Hi Santiago (and others),
> I have prepared a wheezy LTS security upload for tre here:
> The debdiff is attached to this message. I have also sent the ported
> patch to the following bug report:
+tre (0.8.0-3+deb7u1) UNRELEASED; urgency=high
+ * Non-maintainer upload by the Security Team.
+ * new patch to fix CVE-2016-8859
+ -- Antoine Beaupré <firstname.lastname@example.org> Wed, 26 Oct 2016 13:04:31 -0400
> I am not sure how to perform tests against tre, unfortunately, so I am
> not in a good position to test that package.
I don't know if there is a test case for this overflow, but at the very least,
you could do some basic testing on tre-agrep, which seems like a grep clone, and
make sure the basics still work?