[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: ibus/CVE-2019-14822/glibc

Emilio Pozuelo Monfort <pochu@debian.org> writes:

> Yes, that's the failing test I mentioned in my email. Building without the
> patches works for me. I am still looking at whether upgrading ibus is worth it
> due to the regression risk.

It looks like the 2nd patch that is doing this. Just the 1st patch is

My running theory at present is that the test is confused because
authentication is now required.

I have no idea whether this is worth it or not.

Possibly one option to think about is just patch ibus - that way the
security issue is solved, and wait and see if anybody complains about
the glib2.0 breakage.
Brian May <bam@debian.org>

Reply to: