On Mon, Jul 04, 2011 at 09:40:44PM +0100, Adam D. Barratt wrote: > > Stable is easy: the same version is present, so the patch is just the same > > as for unstable. > > Thanks for this. I assume the stable upload would be 2.0alpha-4 > +squeeze1 or similar? (Or 2.0alpha-4.1~squeeze1 would work, I suppose). > > > In oldstable, you have a choice of whether to include the changes in -4 or > > not. They fix a FTBFS (which I could not reproduce in a lenny chroot) but > > are not strictly necessary to fix the CVE. I will prepare uploads > > according to your preference. > > The FTBFS would only occur if the lenny version were built with > _GNU_SOURCE defined (which it obviously wasn't, given that it built to > start with); only later versions of (e)glibc unconditionally define > getline(). On that basis, please only include the security-related > changes for oldstable. Thanks; uploaded as 2.0alpha-4+squeeze1 and 2.0alpha-3+lenny1. -- Jonathan Wiltshire jmw@debian.org Debian Developer http://people.debian.org/~jmw 4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51
Attachment:
signature.asc
Description: Digital signature