Bug#680728: marked as done (unblock: linux-igd/1.0+cvs20070630-4)
Your message dated Sun, 08 Jul 2012 17:33:13 +0200
with message-id <4FF9A839.9000506@thykier.net>
and subject line Re: Bug#680728: unblock: linux-igd/1.0+cvs20070630-4 (re-send with debdiff)
has caused the Debian Bug report #680728,
regarding unblock: linux-igd/1.0+cvs20070630-4
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)
--
680728: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=680728
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock
Please unblock package linux-igd.
The upload fixes one severity Important use-after-free-bug:
#499827 linux-igd: upnpd segfault error 4 in libc-2.7.so
and also applies the Wheezy hardening release goal as this package meets
the category "All daemons and libraries accessible from the network".
linux-igd (1.0+cvs20070630-4) unstable; urgency=low
* Apply patch 16 from Rob Lesley to fix use-after-free (Closes: #499827)
* Apply hardening in line with Wheezy release goal, as we are a daemon
and handle unsanitised input from the net. Update *FLAGS in line
with this to be supplied by dh_buildflags.
* Update Policy to 3.9.3 (no change to package).
unblock linux-igd/1.0+cvs20070630-4
--- End Message ---
--- Begin Message ---
On 2012-07-08 12:20, Nick Leverton wrote:
> Please unblock package linux-igd.
>
> The upload fixes one severity Important use-after-free-bug:
> #499827 linux-igd: upnpd segfault error 4 in libc-2.7.so
>
> and also applies the Wheezy hardening release goal as this package meets
> the category "All daemons and libraries accessible from the network".
>
> linux-igd (1.0+cvs20070630-4) unstable; urgency=low
>
> * Apply patch 16 from Rob Lesley to fix use-after-free (Closes: #499827)
> * Apply hardening in line with Wheezy release goal, as we are a daemon
> and handle unsanitised input from the net. Update *FLAGS in line
> with this to be supplied by dh_buildflags.
> * Update Policy to 3.9.3 (no change to package).
>
> On a review of the debdiff I can see that there are two additional changes
> in the packaging but they should not affect the build or the resulting
> binary so I hope the upload can still be accepted. Please let me know
> if you would rather I re-upload anyway:
>
> * the versioned B-D on libupnp4-dev is tightened but still matches the
> version in Wheezy (before freeze I was considering updating linux-igd
> to use a newer libupnp, but that is too invasive a change so I reverted
> it for this upload, but it left this one change in debian/control).
> * a change to the comments in debian/watch (this was a Lintian warning
> I was also working on at the time)
>
> unblock linux-igd/1.0+cvs20070630-4
Seems reasonable, unblocked.
~Niels
--- End Message ---
Reply to: