Re: libosip2 and libosip2-3

To: debian-release@lists.debian.org
Subject: Re: libosip2 and libosip2-3
From: ARAKI Yasuhiro <ar@debian.org>
Date: Thu, 12 May 2005 16:52:41 +0900 (JST)
Message-id: <[🔎] 20050512.165241.41627872.yasu@localdomain>
In-reply-to: <[🔎] 20050512072858.GA12481@mauritius.dodds.net>
References: <[🔎] 20050511115450.GB5704@mauritius.dodds.net> <[🔎] 20050512.002541.74755416.yasu@localdomain> <[🔎] 20050512072858.GA12481@mauritius.dodds.net>

Steve,

> Yasuhiro,
> 
> On Thu, May 12, 2005 at 12:25:41AM +0900, ARAKI Yasuhiro wrote:
> > In conclusion, we should ship libosip2 2.0.6 with sarge.
> > And I will fix for 2.0.6. It includes a potential security risk.
> > It is same as #305729.
> 
> Well, the conclusion of my previous message was that, even though I don't
> like the situation, libosip2 2.2.0 and siproxd have both been accepted into
> sarge.  The new versions have already reached testing.

Thanks. 
And I apologies for the error and any inconvenience.

I worried about a "URI Parsing Heap Overflows" problem at libosip2 2.0.6
as #308737. (It was not included in after 2.0.7.)

> But it does show that it's important for maintainers of related packages to
> communicate.

I take your warning to heart..

Thanks again.

--
ARAKI Yasuhiro 
A Debian Official Developer <ar@debian.org>

Reply to:

References:
- Re: libosip2 and libosip2-3
  - From: Steve Langasek <vorlon@debian.org>
- Re: libosip2 and libosip2-3
  - From: ARAKI Yasuhiro <ar@debian.org>
- Re: libosip2 and libosip2-3
  - From: Steve Langasek <vorlon@debian.org>

Prev by Date: Re: Please let calamaris 2.59-5 into testing: translation updates
Next by Date: Re: libusb status update
Previous by thread: Re: libosip2 and libosip2-3
Next by thread: Please accept linphone into sarge (was: libosip2 and libosip2-3)
Index(es):
- Date
- Thread