Re: Proposed upload of tinyproxy to stable

To: Jordi Mallach <jordi@debian.org>
Cc: debian-release@lists.debian.org
Subject: Re: Proposed upload of tinyproxy to stable
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Mon, 02 Jan 2012 16:42:53 +0000
Message-id: <[🔎] 1325522573.2980.52.camel@jacala.jungle.funky-badger.org>
In-reply-to: <[🔎] 20120102154758.GA27606@aigua.oskuro.net>
References: <[🔎] 20120102154758.GA27606@aigua.oskuro.net>

On Mon, 2012-01-02 at 16:47 +0100, Jordi Mallach wrote:
> In response to #627503, I had prepared a stable-security upload of
> tinyproxy to address this issue.
> 
> After discussing with jmm, we're discarding doing a DSA for this issue as
> an exploit can't happen if an attacker doesn't control the configuration
> file.
> 
> He thinks the patch would be fine for s-p-u though, so I'm attaching the
> following patch so the upload can be considered.

Thanks for this.  Looking at the changelog for 1.8.3-1, I'm guessing
that this is the same issue that's resolved in that upload, but would it
be possible to get some version information added to #627503, please, so
that the BTS reflects what's going on with the various versions of the
package currently in the archive?

Regards,

Adam

Reply to:

Follow-Ups:
- Re: Proposed upload of tinyproxy to stable
  - From: Jordi Mallach <jordi@debian.org>

References:
- Proposed upload of tinyproxy to stable
  - From: Jordi Mallach <jordi@debian.org>

Prev by Date: Proposed upload of tinyproxy to stable
Next by Date: Re: Proposed update to python-debian
Previous by thread: Proposed upload of tinyproxy to stable
Next by thread: Re: Proposed upload of tinyproxy to stable
Index(es):
- Date
- Thread