[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: jessie update for openldap (CVE-2020-12243)

On Fri, May 01, 2020 at 05:44:57PM -0400, Roberto C. Sánchez wrote:
> On Fri, May 01, 2020 at 02:25:25PM -0700, Ryan Tandy wrote:
> > Dear LTS team,
> > 
> > I prepared an update for openldap to fix CVE-2020-12243, containing the same
> > changes as DSA-4666-1. I have built and tested the package in a clean jessie
> > chroot.
> > 
> > The debdiff is attached, or you can obtain the git branch from salsa[1].  I
> > would be happy if someone would sponsor the upload to jessie-security and
> > issue the DLA.
> > 
> Hi Ryan!
> 
> Thanks for taking care of preparing the update.  I will upload and
> release the DLA shortly.
> 
Hi Ryan.  The update is uploaded and built on all architectures and I
have published the DLA.

I tried to push a tag, but I do not have commit permissions to the
openldap project in Salsa.  You might consider tagging the current HEAD
of the jessie branch with gbp when you have a moment.

Regards,

-Roberto

-- 
Roberto C. Sánchez
Reply to: