[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: v86d 0.1.10 for Squeeze?

On Sun, 2011-04-03 at 17:14 +0200, Evgeni Golov wrote:
> v86d has an open security issue in oldstable, stable, testing and
> unstable (CVE-2011-1070 / Bug#619404).
> For testing/unstable, the fix is just to upload the new upstream release.

So far as I can see, that didn't happen yet?  Having the issue fixed in
unstable at least is generally a prerequisite for fixing it in stable.

> For stable I could add the patch [1] and ask you to approve that package
> into 6.0.2. However we also could push 0.1.10 in there, because the
> current 0.1.9-1 in Squeeze already has two patches from upstream Git and
> going to 0.1.10 would only add two more minor ones ([2] and [3]) with
> [3] being even unused in the final binary.

This may be an option, but I'd like to see a final debdiff between the
0.1.10 package that gets uploaded to unstable and the current squeeze
package before we make a final decision.



Reply to: