[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [Ubuntu transition to 3.11.1] Specific changes on camlimages

David MENTRE wrote:

Hello,

Same issue as my previous emails. camlimage is modified in Ubuntu. I
think the security issue is fixed in latest Debian package.
(confirmation?) What about the coma added to Build: header?

https://patches.ubuntu.com/c/camlimages/camlimages_1:3.0.1-1ubuntu1.patch

diff -pruN 1:3.0.1-1/debian/changelog 1:3.0.1-1ubuntu1/debian/changelog
--- 1:3.0.1-1/debian/changelog	2009-07-07 18:20:29.000000000 +0100
+++ 1:3.0.1-1ubuntu1/debian/changelog	2009-07-07 18:17:32.000000000 +0100
@@ -1,3 +1,12 @@
+camlimages (1:3.0.1-1ubuntu1) karmic; urgency=low
+
+  * debian/patches/fix_integer_overflows.dpatch:
+    Add patch from ocamlimages 1:3.0.1-2 to fix CVE-2009-2295 as we don't want
+    to transition to OCaml 3.11.1 yet.
+  * debian/control: Add missing comma in Build-Depends (lp: #391546).
+
+ -- Michael Bienia <geser@ubuntu.com>  Tue, 07 Jul 2009 16:54:47 +0200
+
These changes are included in the latest Debian package (1:3.0.1-2). So, IMO, you can just synchronize directly the package. 

Cheers,

--
Mehdi Dogguy مهدي الدڤي
http://dogguy.org/
Reply to: