[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Accepted gaim 1:1.3.0-1 (i386 source all)

Ari Pollak wrote:
>  gaim (1:1.3.0-1) unstable; urgency=high
>  .
>    * New upstream version. Fixes two remote DoS/overflow security bugs,
>      CAN-2005-1262 and CAN-2005-1261.

Of which details are available at http://gaim.sourceforge.net/security/.

At 183272 lines, the diff between gaim 1.2.1 and 1.3.0 is too large for
me to review before sarge releases. Even excluding the po file changes
it's still 6229 lines and has many non-security changes.

Can we get a backported version of these security fixes into t-p-u for
1.2.1? The description of the fixes, especially for CAN-2005-1262, look
easy enough to backport.

see shy jo

Attachment: signature.asc
Description: Digital signature

Reply to: