Bug#642579: opu: package openssl/0.9.8g-15+lenny12
retitle 642579 opu: package openssl/0.9.8g-15+lenny13
clone 642579 -1
usertag -1 -opu
usertag -1 +pu
retitle -1 pu: package openssl/0.9.8o-4squeeze3
tag -1 + squeeze
tag 642579 + lenny
On Fri, 2011-09-23 at 23:29 -0500, Raphael Geissert wrote:
> If possible, I'd like to make an update to openssl to fix CVE-2011-3207
-3210, as per your second mail.
> in lenny (and squeeze.)
Let's make this two bugs then.
> I don't have the final debdiff as of this time, but the
> only change is upstream's fix 
That looks sane enough. Given that it appears to have been resolved in
the same upstream release as -3207 and -1945, it would have been nice if
it could have been included in -4squeeze2 and -15+lenny12, which
resolved the latter. Ah well.
> Will send the debdiff tomorrow morning on my TZ, but I wanted to give a heads
> up because of the point release freeze deadline.
> Please let me know if it's still feasible. It ain't an urgent issue anyway.
It's certainly feasible for squeeze. Lenny should be doable, assuming
the upload doesn't get delayed.