[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [Pkg-phototools-devel] Jessie update of libexif?

Hi Mike and LTS team,

On Thu, 14 May 2020 at 15:42, Mike Gabriel wrote:
> The Debian LTS team would like to fix the security issues which are
> currently open in the Jessie version of libexif:
> https://security-tracker.debian.org/tracker/CVE-2020-12767
> Would you like to take care of this yourself?
> If yes, please follow the workflow we have defined here:
> https://wiki.debian.org/LTS/Development
> If that workflow is a burden to you, feel free to just prepare an
> updated source package and send it to debian-lts@lists.debian.org
> (via a debdiff, or with an URL pointing to the source package,
> or even with a pointer to your packaging repository), and the members
> of the LTS team will take care of the rest. Indicate clearly whether you
> have tested the updated package or not.

I currently maintain libexif but am not a DD, so I can't upload the
binary packages as per your workflow.

I've prepared a debdiff covering all outstanding CVEs and two
instances of undefined behaviour.

Internal tests pass at build time. The patches are the same as those
used in Sid, as the upstream version has not changed.

Hope this helps. Please let me know if you need anything else. Feel
free to adjust the changelog.


Attachment: libexif-0.6.21-2+deb8u2.debdiff
Description: Binary data

Reply to: