Hi, Thanks for your check. 2010/2/21 Adam D. Barratt <adam@adam-barratt.org.uk>: > Hi, > > Sorry for the delay in getting back to you. > > On Tue, 2010-02-16 at 10:41 +0900, Nobuhiro Iwamatsu wrote: >> 2010/2/16 Nobuhiro Iwamatsu <iwamatsu@nigauri.org>: >> > 2010/2/15 Adam D. Barratt <adam@adam-barratt.org.uk>: >> >> Hi, >> >> >> >> On Sat, 2010-02-13 at 15:51 +0900, Nobuhiro Iwamatsu wrote: >> >>> I prepared an upload to fix a minor security issue[0] in slim[1]. >> >>> I contacted scurity team. They directed me to upload it with >> >>> stable-proposed-updates. >> >>> >> >>> Full debdiff is attached. >> >> >> >> * Replace the screenshot command against /bin/false (cf. bug #537604). >> >> >> >> This appears to be a different fix from that which was applied in >> >> unstable for this bug, namely changing the command to use /root instead >> >> of /tmp when saving files; why was that changed for the stable upload? >> >> >> > Oh, sorry. > > Using a different fix isn't forbidden, if there's a good reason (for > example the package in unstable has changed in ways that make the fix > inappropriate for stable or mean that it won't apply). > > In this particular case the fix used in unstable seems like it would > apply to stable as well without causing any issues (since only root > should be able to write to /root anyway) so I was just curious about the > reason for the change. This is my mistake. I sent different patches. The patch which I sent first was made by the package which former maintainer made. > >> > I attached the patch which I changed in revision of unstable. >> > Could you check this patch again? >> > >> I forgot to attach a patch. > > The patch looks fine, thanks. Proper attribution of the patches would > be nice though :-) : > > +## 05-xauth-cookie-through-pipe.dpatch by <debian@debian> > +## 06-lesser-predictible-mcookie.dpatch by <debian@debian> > I updated author of patch. I attached the patch which revised this. Best regards, Nobuhiro -- Nobuhiro Iwamatsu iwamatsu at {nigauri.org / debian.org} GPG ID: 40AD1FA6
Attachment:
debdiff-slim_1.3.0-1+lenny2_v3
Description: Binary data