Re: RFS: pidgin-latex/1.4.4-2

To: Elías Alejandro <ealmdz@gmail.com>
Cc: debian-mentors@lists.debian.org
Subject: Re: RFS: pidgin-latex/1.4.4-2
From: Ansgar Burchardt <ansgar@debian.org>
Date: Tue, 28 Aug 2012 15:19:01 +0200
Message-id: <[🔎] 503CC545.2030208@debian.org>
In-reply-to: <[🔎] 20120828110054.GA2882@supersonic>
References: <[🔎] 20120828110054.GA2882@supersonic>

On 08/28/2012 01:00 PM, Elías Alejandro wrote:
>  NOTE: This version fix a security issue, please refer to:
>   http://pidgin-latex.cvs.sourceforge.net/viewvc/pidgin-latex/pidgin-latex/CHANGELOG?r1=1.4&r2=1.5

I guess this should be included in wheezy.  Please read the freeze
policy[1] to see what changes are still accepted.

  [1] <http://release.debian.org/wheezy/freeze_policy.html>

>   Changes since the last upload:
> 
>  * Bump debhelper to 9
>  * debian/copyright
>    + Update format as in Debian Policy 3.9.3
>  * debian/control
>    + Bump Standards-Version to 3.9.3

These changes should not be included.

>  * debian/rules
>    + Append CPPFLAGS from dpkg-buildflags as hardening option

This might be okay.

>  * debian/patches/01_security_issue.patch: Added. (Closes: #685888)
>   + This fix insufficient validation of LaTeX code and avoid
>     access to user local information.
>  * Corrected lintian warning
>    + Added missing license paragraph in debian/copyright file

These look okay as well.  Please note that I haven't looked at the
actual changes, just the changelog.  I'm also not part of the release team.

Ansgar

Reply to:

References:
- RFS: pidgin-latex/1.4.4-2
  - From: Elías Alejandro <ealmdz@gmail.com>

Prev by Date: Re: Need help for watch file
Next by Date: Re: Need help for watch file
Previous by thread: RFS: pidgin-latex/1.4.4-2
Next by thread: Processed: libpam-ssh: block ITP 664177 by RFS 686070
Index(es):
- Date
- Thread