On Mon, Jan 02, 2012 at 04:42:53PM +0000, Adam D. Barratt wrote: > Thanks for this. Looking at the changelog for 1.8.3-1, I'm guessing > that this is the same issue that's resolved in that upload, Actually no. The security tracker (and bug report) thinks 1.8.2-2 is vulnerable, while it isn't, as I had applied the patch as a bonus to the unstable/testing upload. As I didn't consider it was a security issue at the time, I didn't include this in the squeeze1 upload from months ago. 1.8.3 is the first release to officially incorporate the fixes we had applied as patches. I'll fix the affected version info in the BTS. > but would it be possible to get some version information added to > #627503, please, so that the BTS reflects what's going on with the > various versions of the package currently in the archive? Sure thing! I'm assuming this is an ACK for a stable upload. Jordi -- Jordi Mallach Pérez -- Debian developer http://www.debian.org/ jordi@sindominio.net jordi@debian.org http://www.sindominio.net/ GnuPG public key information available at http://oskuro.net/
Attachment:
signature.asc
Description: Digital signature