[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: unblock subversion/1.6.12dfsg-2

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 01-10-2010 20:59, Peter Samuelson wrote:
> unblock subversion/1.6.12dfsg-2
> 
> Dependencies appear to all be in squeeze already.
> 
>   * patches/cve-2010-3315: New patch for CVE-2010-3315, whereby, in rare
>     configurations, mod_dav_svn could give too much access to authorized
>     users.
>   * control: Update Vcs-* fields, Homepage, Policy to 3.9.1 (no changes),
>     tweak python version declaration (Closes: #587853).
> 
> The CVE patch is a one-liner.  The impact is low enough that I haven't
> decided whether it's worth an upload to lenny security.  It does not
> affect our default or suggested configuration.
> 
>     http://subversion.apache.org/security/CVE-2010-3315-advisory.txt
> 
> The second change is trivial and was already pending.  Functionally, it
> adds a Python-Version header to one package, as documented in the
> Python policy.  I think this falls under 'documentation'.

Unblocked.

Kind regards,
- -- 
Felipe Augusto van de Wiel (faw)
Debian. Freedom to code. Code to freedom!
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkyomFMACgkQCjAO0JDlykaHOACeOWCUH+QWeIpfJOnZP3jHxEUA
k5EAn2vDC8GwA4HU43AXPlkjUszjGznW
=UzIx
-----END PGP SIGNATURE-----
Reply to: