Bug#668456: pu: package wicd/1.7.0+ds1-5+squeeze1
On Thu, Apr 12, 2012 at 12:31:48AM +0200, David Paleino wrote:
> Package: release.debian.org
> Severity: normal
> User: release.debian.org@packages.debian.org
> Usertags: pu
>
> Hello RT,
>
> I'm hereby requesting permission to upload a fix for wicd to p-u, bug #668397
> (CCed), CVE-2012-2095. "git diff" attached.
>
> The patch for stable is slightly different from the one just pushed in
> unstable: namely, it needed an additional "has_profile", which was used in
> pre-1.7.1 versions.
I think this should be handled via Debian Security Advisory procedure.
It's a root compromise after all (local but still important imho).
Reply to: