Re: unblock and pu request for libxslt
On 05.07.2012 11:00, Aron Xu wrote:
Can you please unblock libxslt/1.1.26-13 which fixes CVE-2012-2825
(Bug #679283)? Patch applied:
http://anonscm.debian.org/gitweb/?p=debian-xml-sgml/libxslt.git;a=blob;f=debian/patches/0005-cve-2012-2825.patch;h=2e7db481530519ed82a69ab41e4297767f83e6f5;hb=ecbb4ca70e90c1c4789049e7a41c6c1d2c51871e
This is fun:
--- libxslt-1.1.26/debian/changelog 2012-06-15 11:04:15.000000000
+0000
+++ libxslt-1.1.26/debian/changelog 2012-07-05 03:10:22.000000000
+0000
@@ -1,9 +1,8 @@
-libxslt (1.1.26-12+rebuild1) unstable; urgency=low
+libxslt (1.1.26-13) unstable; urgency=low
- * Rebuild against new libxml2 to make xslt-config identical across
- architectures.
+ * Patch to fix CVE-2012-2825 (Closes: #679283).
- -- Aron Xu <aron@debian.org> Fri, 15 Jun 2012 18:55:36 +0800
+ -- Aron Xu <aron@debian.org> Thu, 05 Jul 2012 11:09:19 +0800
Unblocked anyway.
I've also prepared an update for squeeze and please advise if I can
upload to pu. This fixes three CVEs:
Please don't mix different types of request in the same mail. For a
stable update, please open an appropriately usertagged pu bug, including
a full source debdiff rather than VCS pointers.
Regards,
Adam
Reply to: