[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Security update for ‘burn’ package

On Sun, Aug 23, 2009 at 03:57:34PM +1000, Ben Finney wrote:
> The package ‘burn’ has a security bug open, assigned the alert number
> TEMP-0542329 “burn: Insecure escaping of file names”. I have been
> advised to make a bug-fix release of this package for ‘stable’ and
> send a ‘debdiff’ output to this forum.

Advised by whom?  The Security team?  If not, they should be contacted about
it as of [DevRef 5.8.5].

If they told you to just push this as a non-DSA issue, this should be stated
as such.

Kind regards,
Philipp Kern
 .''`.  Philipp Kern                        Debian Developer
: :' :  http://philkern.de                         Stable Release Manager
`. `'   xmpp:phil@0x539.de                         Wanna-Build Admin
  `-    finger pkern/key@db.debian.org

Attachment: signature.asc
Description: Digital signature

Reply to: