Bug#572940: [Pkg-cups-devel] Bug#572940: CVE-2010-0302: Incomplete security fix
On Sun, Mar 07, 2010 at 09:46:24PM +0100, Martin Pitt wrote:
> Hello Moritz,
> Moritz Muehlenhoff [2010-03-07 19:57 +0100]:
> > The upstream patch for CVE-2009-3553 turned out to be incomplete. Please
> > see https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-0302 for a
> > description and a patch.
> Thanks. I already committed that this morning, I just added this bug
> number to the changelog. Will upload ASAP.
Great. We don't need to fix this in a DSA; we can wait with the fix
until there's a more severe Cups issue to be dealt with (or it can
be fixed through aa stable updte if there are other issues pending).