Am Mittwoch, den 18.08.2010, 13:52 +0200 schrieb Mehdi Dogguy: > On 08/12/2010 12:35 PM, Benjamin Drung wrote: > > Am Donnerstag, den 12.08.2010, 03:58 +0200 schrieb Mehdi Dogguy: > >> On 0, Benjamin Drung <bdrung@ubuntu.com> wrote: > >>> Hi, > >>> > >>> In one or two days, vlc 1.1.3 will be released, which fixes the security > >>> bug #592669. I want to get this version into squeeze and fix bug > >>> #592456. Will it be ok? > >>> > > The latter doesn't seem to be useful according to the buglog. Yes, I dropped it. > >> Can you show us a diff? and/or can you backport the patches? > > > > The debdiff will look similar to the attached one. The attached one > > targets experimental instead of unstable, because 502_xulrunner_191.diff > > needs to be updated for 1.1.3 and I don't want to do it before I get a > > yes (otherwise the work would be thrown away). > > > > It would be possible to backport the security fix, but I think that > > 1.1.3 is better for squeeze than 1.1.2 and that it may make backporting > > security fixes easier in the future. > > > > It looks ok but I don't see any announce for 1.1.3 yet. 1.1.3 is released now. We have prepared 1.1.2-2 in our git repository. You can find the changes there [1]. Instead of just applying the patch for the security issue, I would prefer to get 1.1.3 into squeeze, because then we could follow upstream's 1.1 branch. [1] http://git.debian.org/?p=pkg-multimedia/vlc.git;a=blob;f=debian/changelog;h=5b3343d0345e55f1ca8f62e19ac4e80f343e94ac;hb=HEAD
Attachment:
signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil