[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: rails update

On Fri, Jul 10, 2020 at 11:55:37AM +0200, Sylvain Beucler wrote:
> Hi,
> 
> On 10/07/2020 10:28, Moritz Mühlenhoff wrote:
> > On Wed, Jul 08, 2020 at 12:45:08PM +0200, Sylvain Beucler wrote:
> >> Hi,
> >>
> >> - buster update
> >>
> >> I now "up-ported" my stretch work at:
> >> https://www.beuc.net/tmp/debian-lts/rails-buster/
> >> + added the redis side of CVE-2020-8165
> > 
> > What do you mean with up-ported? Applying a patch made for an older release
> > to a more recent release will miss all code which wasn't present in
> > the older suite.
> 
> To phrase it more precisely, I went back to the upstream patches for
> 5.2, applied them and unit-tested them.

Ah, ok! I'll have a look at this over the weekend.

Cheers,
        Moritz
Reply to: