On Donnerstag, 7. August 2008, Luk Claes wrote:
Christoph Haas wrote:
please allow pdns 2.9.21.1-1 into Lenny. It's fixing a
security-related problem registered as CVE-2008-3337 (see the
upstream's notification attached). The security team has been informed
and we are currently preparing a security update for Etch's 2.9.20-8
version, too.
Please contact me if you have questions.
It looks like the source is not clean: many (generated?) files are
added, can you have a look into it?
Sure. But I can't find much. You are right that two files in the upstream
tarball have accidentally been altered:
- codedocs/Makefile
- debian-pdns/changelog
That's what I found out by comparing the upstream tarball to the tarball I
uploaded to Debian yesterday.
But what are the many files you found? I had just switched from
hg-buildpackage to git-buildpackage so it's not out of the question that I
might have made a mistake. I could use a hint though.