Re: tre package ready for testing
Hi Antoine,
On 26/10/16 19:43, Antoine Beaupré wrote:
> Hi Santiago (and others),
>
> I have prepared a wheezy LTS security upload for tre here:
>
> https://people.debian.org/~anarcat/debian/wheezy-lts/
>
> The debdiff is attached to this message. I have also sent the ported
> patch to the following bug report:
+tre (0.8.0-3+deb7u1) UNRELEASED; urgency=high
+
+ * Non-maintainer upload by the Security Team.
+ * new patch to fix CVE-2016-8859
+
+ -- Antoine Beaupré <anarcat@debian.org> Wed, 26 Oct 2016 13:04:31 -0400
Probably s/Security/LTS/.
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842169
>
> I am not sure how to perform tests against tre, unfortunately, so I am
> not in a good position to test that package.
I don't know if there is a test case for this overflow, but at the very least,
you could do some basic testing on tre-agrep, which seems like a grep clone, and
make sure the basics still work?
Cheers,
Emilio
Reply to: