[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Updating stable Cherokee 1.0.8-5 to avoid a predictable password generation

On Wed, 2011-11-23 at 12:35 -0600, Gunnar Wolf wrote:
> I have backported the attached patch and will be uploading Cherokee
> 1.0.8-5+squeeze1.

For any future updates, please include a full debdiff, rather than just
the isolated patch.  It might seem slightly picky, but often the debdiff
ends up being more involved than just changelog + patch.

> This is in order to address #647205, to which (as
> the security impact is very small) the DSA team requested me to
> perform the upload to a point release.

I assume s/DSA/security/ :-) (yay for overloaded acronyms).

> I know the instructions state that I should first discuss this in
> d-release and only then upload, so (expecting this to be a simple
> change), I'm uploading to DELAYED/3.

A slightly unconventional approach. :-)

Unfortunately, only the .changes files in DELAYED (well, DEFERRED/ once
it actually reaches the file system on ftp-master) are world-readable,
so I can't run a debdiff.  However, if the result would be just the
patch you included in your mail and the changelog stanza as included in
the .changes, then please feel free to reschedule it to DELAYED/0;



Reply to: