[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#687434: unblock: keystone/2012.1.1-6 (fixes: CVE-2012-4413)

On Thu, 2012-09-13 at 00:54 +0800, Thomas Goirand wrote:
> Please unblock package keystone. This fixes CVE-2012-4413. Debdiff is
> attached.


> Note that I am well aware of #687311 (I was the one who reported it),
> but I would like to fix this one later on, using urgency=low, so it
> has more time for testing before migration. Please let me know if I
> should lower the severity of #687311 for the package to migrate, or
> if the release team has some magic way to let it migrate anyway.

Neither should be necessary.  The changes in 2012.1.1-5 can't possibly
have introduced that bug, so it should be marked as found in a more
sensible version.



Reply to: