Re: broken cvs in squeeze-security

To: debian-release@lists.debian.org, team@security.debian.org
Cc: "Bernhard R. Link" <brlink@debian.org>, 664872@bugs.debian.org, 667723@bugs.debian.org
Subject: Re: broken cvs in squeeze-security
From: Thorsten Glaser <tg@mirbsd.de>
Date: Fri, 6 Apr 2012 11:43:06 +0000 (UTC)
Message-id: <[🔎] Pine.BSM.4.64L.1204061137010.1392@herc.mirbsd.org>
In-reply-to: <20120406090843.GA18986@client.brlink.eu>
References: <20120406090843.GA18986@client.brlink.eu>

Bernhard R. Link dixit:

>The effect you see is usually not from a unclean chroot, but from a
>non-minimal chroot.

Non-minimal is unclean.

>It essentially means that the cvs package misses
>either code to mitigate this or misses a Build-Conflicts.

Possibly… the package from squeeze and older is positively
ancient, and I am not familiar with its packaging style.

>The following patch moves he deletion behind dh_compress,
>thus actually matching something.

OK. Thanks!

Should I upload this, or does someone else (security team?
stable release team?) want to do it? If I should upload it,
where (as strictly spoken it’s not a security issue)?

Just scheduling a binNMU in stable would almost certainly
have taken care of it as well, so if that option persists,
I’d not be opposed to it. It’s probably easier, too…

bye,
//mirabilos
-- 
I believe no one can invent an algorithm. One just happens to hit upon it
when God enlightens him. Or only God invents algorithms, we merely copy them.
If you don't believe in God, just consider God as Nature if you won't deny
existence.		-- Coywolf Qi Hunt

Reply to:

Follow-Ups:
- Re: broken cvs in squeeze-security
  - From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
- Re: broken cvs in squeeze-security
  - From: "Bernhard R. Link" <brlink@debian.org>

Prev by Date: False negative in ben?
Next by Date: Re: broken cvs in squeeze-security
Previous by thread: Re: False negative in ben?
Next by thread: Re: broken cvs in squeeze-security
Index(es):
- Date
- Thread