Re: xerces-c2-2.8.0-3+lenny1: permission to upload to stable
On Sat, 2010-02-06 at 22:15 -0500, Jay Berkenbilt wrote:
> The current xerces-c2 package, 2.8.0+deb1-2, contains a patch supplied
> by upstream to address CVE-2009-1885. The security team has deemed that
> this is not important enough for a DSA, and I agree. From Giuseppe
> As it happens, the patch from 2.8.0+deb1-2 applies perfectly to the
> version in stable, so preparing an update to stable is trivial. With
> the permission of the release team, I will prepare the upload. I'm not
> sure what the best way to do this is. I can either prepare an upload to
> stable or I can supply a patch that can be applied to the version of the
> package in stable. I don't presently have a stable chroot to build in,
> though I can obviously make one to prepare the package if it would help.
Please prepare an update (built against stable, either on a stable
system or in a chroot), and send a debdiff against the current stable
package to debian-release for upload approval.