Re: security issue in libcompress-raw-bzip2-perl (CVE-2009-1884)

To: "gregor herrmann" <gregoa@debian.org>, <debian-release@lists.debian.org>
Cc: "Bas Zoetekouw" <bas@debian.org>, <team@security.debian.org>, <ntyni@debian.org>
Subject: Re: security issue in libcompress-raw-bzip2-perl (CVE-2009-1884)
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Fri, 28 Aug 2009 14:50:28 +0100
Message-id: <[🔎] 0FC00A40A1EB47EB8C625F4B24B40B34@andromeda>
References: <20090824195110.GA49512@aegir.org.uk> <87bpm1vzg3.fsf@mid.deneb.enyo.de> <20090827221556.GC5222@belanna.comodo.priv.at> <87ocq0h5k7.fsf@mid.deneb.enyo.de> <87ab1kh52d.fsf@mid.deneb.enyo.de> <[🔎] 20090828125913.GM5222@belanna.comodo.priv.at>

gregor herrmann wrote:

On Fri, 28 Aug 2009 07:37:30 +0200, Florian Weimer wrote:

Oh, and considering that CVE-2009-1391 will be fixed through
stable-proposed-updates, we should fix this bug through s-p-u, too.
So please send your final patch to debian-release@ instead of
security@ (and you need to change the suite to
{old,}stable-proposed-updates, not build with -sa, and eventually
upload to ftp-master instead of security-master).


Ok, here we go.

Dear release team, attached is the debdiff for a possible upload to
s-p-u for libcompress-raw-bzip2-perl that fixes CVE-2009-1884 /
#542777.

Please go ahead. Do bear in mind though that the scheduled freeze date forp-u is this weekend. :-)


Regards,

Adam

Reply to:

Follow-Ups:
- Re: security issue in libcompress-raw-bzip2-perl (CVE-2009-1884)
  - From: gregor herrmann <gregoa@debian.org>

References:
- Re: security issue in libcompress-raw-bzip2-perl (CVE-2009-1884)
  - From: gregor herrmann <gregoa@debian.org>

Prev by Date: Re: security issue in libcompress-raw-bzip2-perl (CVE-2009-1884)
Next by Date: Re: proposed stable update for perl
Previous by thread: Re: security issue in libcompress-raw-bzip2-perl (CVE-2009-1884)
Next by thread: Re: security issue in libcompress-raw-bzip2-perl (CVE-2009-1884)
Index(es):
- Date
- Thread