Re: jessie update for openldap (CVE-2020-12243)
On Fri, May 01, 2020 at 05:44:57PM -0400, Roberto C. Sánchez wrote:
> On Fri, May 01, 2020 at 02:25:25PM -0700, Ryan Tandy wrote:
> > Dear LTS team,
> >
> > I prepared an update for openldap to fix CVE-2020-12243, containing the same
> > changes as DSA-4666-1. I have built and tested the package in a clean jessie
> > chroot.
> >
> > The debdiff is attached, or you can obtain the git branch from salsa[1]. I
> > would be happy if someone would sponsor the upload to jessie-security and
> > issue the DLA.
> >
> Hi Ryan!
>
> Thanks for taking care of preparing the update. I will upload and
> release the DLA shortly.
>
Hi Ryan. The update is uploaded and built on all architectures and I
have published the DLA.
I tried to push a tag, but I do not have commit permissions to the
openldap project in Salsa. You might consider tagging the current HEAD
of the jessie branch with gbp when you have a moment.
Regards,
-Roberto
--
Roberto C. Sánchez
Reply to: