[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Security bug in xlockmore

Hi Joey

Martin Schulze wrote:
> Alexander Wirt wrote:
>>Hi Michael, 
>>this security bug in xlockmore is still present in all xlockmore versions in
>>the archive and is open for now 190 days. In the meantime we organized a CVE 
>>number and a patch that fixes that problem. But still no reaction from you. I
>>know that aren't MIA at all, because I have seen some activity from you since
>>then. But I think this bug needs some time from you at all. I know that
>>xlockmore is upstream dead and has really awfull code, but I you don't want
>>to maintain it anymore orphan it or remove it from the archive. 
> I have to admit that I don't share the oppinion of the maintainer and hence
> are preparing an update with the patch Elmar Hoffmann thankfully provided.
> Please let me know which version in sid fixes this problem, i.e. if the
> planned NMU will be uploaded indeed etc. pp.

The planned upload was already uploaded and has already migrated to
testing... It has version number 1:5.13-2.2



Luk Claes - http://people.debian.org/~luk - GPG key 1024D/9B7C328D
Fingerprint:   D5AF 25FB 316B 53BB 08E7   F999 E544 DE07 9B7C 328D

Attachment: signature.asc
Description: OpenPGP digital signature

Reply to: