[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

fix for 445595 - smpeg NMU


I have done an NMU of version 0.4.5+cvs20030824-2.1 of the smpeg package.  It 
has two lines of change as included in a patch on the above bug report.  
There has been no response from the maintainer, the bug is almost a year old, 
and it has security implications.


The above blog post has some background.

I think it would be good to get this into Lenny.  I expect that including an 
NMU at late notice would be something you would prefer not to do.  But given 
that it reduces security by permitting stack overflow bugs in applications 
that use it I think it's worthy of inclusion.

I waited two weeks after proposing an NMU and blogging about it with no 
response.  If anyone was watching and had any objection I'm sure I would have 
heard it by now.

http://etbe.coker.com.au/          My Blog

http://www.coker.com.au/sponsorship.html Sponsoring Free Software development

Reply to: