[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: status of getting security fixes into sarge

On Thu, Dec 09, 2004 at 04:20:12PM -0500, Joey Hess wrote:
> Some NMUing has been done lately on some of the older security holes in
> sarge. Here are the ones the testing security team is currently tracking
> that are fixed in unstable but don't yet have a fix in sarge, plus a few
> others of interest:

> opendchub 0.7.14-1.1 needed, have 0.7.14-1 for CAN-2004-1127
> 	Will go in in a few days.

Blocked by a build failure on m68k (calls automake, due to timestamp skew
and lack of AM_MAINTAINER_MODE).  Bug filed.

> prozilla (unfixed; bug #284117) for CAN-2004-1120
> 	Well it's not fixed, and no patch is known. Candidate for
> 	removal.

Tagged for removal.

> mtink 1.0.5 needed, have 1.0.1-2 for CAN-2004-1110
> 	Goes in today.

Looks good.

> ppp 2.4.2+20040428-3 needed, have 2.4.2+20040428-2 for CAN-2004-1002
> 	Frozen, same as in last report, see maintainer's comments IIRC.

Hrm, the last status I had on this was that I was *waiting* for maintainer
comments... :)  Seeing none, I've gone ahead and pushed this in despite

> cscope 15.5-1.1 needed, have 15.5-1 for CAN-2004-0996
> 	Should go in RSN.

Yep, it's in.

Steve Langasek
postmodern programmer

Attachment: signature.asc
Description: Digital signature

Reply to: