Re: Please unblock graphviz 2.20.2-3 (Was: Security upload for graphviz?)

[Adeodato Simó <dato@net.com.org.es>]

* Cyril Brulebois [Mon, 13 Oct 2008 13:24:12 +0200]:

> Florian Weimer <fw@deneb.enyo.de> (12/10/2008):
> > For lenny, yes.  Just ask the release managers for an unblock after an
> > upload with urgency=high.

> RMs, please unblock graphviz 2.20.2-3 according to security team's
> suggestion, it contains the following fix:

> ,--
> | graphviz (2.20.2-3) unstable; urgency=high

> |   * Backport patch to fix a stack overflow in the graph parser, reported
> |     by IBM and fixed in 2.20.3. To avoid autotools noise, only the actual
> |     fix is backported here, instead of pulling a brand new upstream
> |     release (though functionally minimal). As usual, thanks to upstream
> |     for their absolute kindness:
> |      - debian/patches/20_fix_parser_stack_overflow
> |   * Set “urgency=high” accordingly, after discussion with the security
> |     team.

> |  -- Cyril Brulebois <kibi@debian.org>  Sun, 12 Oct 2008 23:24:12 +0200
> `--

> Full diff attached & thanks for your time.

Unblocked.

-- 
Adeodato Simó                                     dato at net.com.org.es
Debian Developer                                  adeodato at debian.org
 
The first step on the road to wisdom is the admission of ignorance. The
second step is realizing that you don't have to blab it to the world.