Philipp Kern <pkern@debian.org> writes: > On Sun, Aug 23, 2009 at 03:57:34PM +1000, Ben Finney wrote: > > The package ‘burn’ has a security bug open, assigned the alert > > number TEMP-0542329 “burn: Insecure escaping of file names”. I have > > been advised to make a bug-fix release of this package for ‘stable’ > > and send a ‘debdiff’ output to this forum. > > Advised by whom? Moritz Mühlenhoff, in a response to the bug report <URL:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=542329#44>. > The Security team? If not, they should be contacted about it as of > [DevRef 5.8.5]. If you mean <team@security.debian.org>, they were also addressed by the same message that resulted in the creation of ‘TEMP-0542329’. -- \ “Facts do not cease to exist because they are ignored.” —Aldous | `\ Huxley | _o__) | Ben Finney
Attachment:
pgpSGaseUxjkI.pgp
Description: PGP signature