Re: RFS: xpdf (updated package)

To: debian-mentors@lists.debian.org
Subject: Re: RFS: xpdf (updated package)
From: Michael Gilbert <michael.s.gilbert@gmail.com>
Date: Sun, 7 Feb 2010 14:50:07 -0500
Message-id: <[🔎] 20100207145007.338ec152.michael.s.gilbert@gmail.com>
In-reply-to: <[🔎] 20100207181937.GA30053@ngolde.de>
References: <[🔎] 20100206211149.9242fd78.michael.s.gilbert@gmail.com> <[🔎] 20100207181937.GA30053@ngolde.de>

On Sun, 7 Feb 2010 19:19:37 +0100 Nico Golde wrote:

> Hey,
> * Michael Gilbert <michael.s.gilbert@gmail.com> [2010-02-07 18:22]:
> > I have prepared an updated package for xpdf that fixes quite a few
> > security issues (and a couple cosmetic ones as well).  The package is
> > available at [0].  Note that I've built updated etch and lenny packages
> > there as well, which I am getting sponsorship from the security team.
> > They can be ignored.
> > 
> > Would anyone be willing to sponsor this upload?
> 
> Please split the security patches into separated files for each CVE id. 
> Otherwise it's impossible to check whether you fixed all of them or not.

The applied patch is an exact copy of the upstream patch, and I've
checked each CVE individually, so I believe they are all addressed.
Isn't it better to conform to upstream's code when feasible?

https://bugzilla.redhat.com/show_bug.cgi?id=526637 may be useful.

Mike

Reply to:

Follow-Ups:
- Re: RFS: xpdf (updated package)
  - From: Michael Gilbert <michael.s.gilbert@gmail.com>

References:
- RFS: xpdf (updated package)
  - From: Michael Gilbert <michael.s.gilbert@gmail.com>
- Re: RFS: xpdf (updated package)
  - From: Nico Golde <nico@ngolde.de>

Prev by Date: Re: RFS: xpdf (updated package)
Next by Date: Re: RFS: xpdf (updated package)
Previous by thread: Re: RFS: xpdf (updated package)
Next by thread: Re: RFS: xpdf (updated package)
Index(es):
- Date
- Thread