Re: tiff-3.9.4-4 fixes CVE-2010-3364

To: Jay Berkenbilt <qjb@debian.org>
Cc: debian-release@lists.debian.org
Subject: Re: tiff-3.9.4-4 fixes CVE-2010-3364
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Sun, 03 Oct 2010 09:44:59 +0100
Message-id: <[🔎] 1286095499.6044.10.camel@hathi.jungle.funky-badger.org>
In-reply-to: <[🔎] 20101002134407.0289400883.qww314159@soup>
References: <[🔎] 20101002134407.0289400883.qww314159@soup>

On Sat, 2010-10-02 at 13:44 -0400, Jay Berkenbilt wrote:
> I had overlooked that bug 595064 was a security bug that fixed
> CVE-2010-3364.  I think perhaps a CVE number had not been assigned when
> the bug was originally reported.  In any case, I upgraded the bug to
> grave and uploaded tiff-3.9.4-4 with a fix to it.  The fix changes one
> line of code, and I didn't make any other changes to the package.  Since
> this is a security-related fix that should be able to enter testing
> through unstable, I am requesting a freeze exception.  Otherwise, it can
> be handled through normal security channels.  I uploaded it with urgency
> high and mentioned the CVE number in the changelog.

Unblocked.

Regards,

Adam

Reply to:

References:
- tiff-3.9.4-4 fixes CVE-2010-3364
  - From: Jay Berkenbilt <qjb@debian.org>

Prev by Date: Bug#598874: unblock: deskbar-applet/2.32.0-1
Next by Date: Bug#598836: marked as done (unblock: red5/0.9.1-4)
Previous by thread: tiff-3.9.4-4 fixes CVE-2010-3364
Next by thread: Bug#598871: unblock: nautilus/2.30.1-2
Index(es):
- Date
- Thread