Bug#700251: pu: package libproc-processtable-perl/0.45-1+squeeze1
Hi Niels
On Sun, Feb 10, 2013 at 05:04:51PM +0100, Niels Thykier wrote:
> Control: tags -1 confirmed
>
> On 2013-02-10 17:00, Salvatore Bonaccorso wrote:
> > Package: release.debian.org
> > Severity: normal
> > User: release.debian.org@packages.debian.org
> > Usertags: pu
> >
> > Hi
> >
> > I prepared a patch for libproc-processtable-perl (the same as for the
> > upload to unstable) to fix #650500: CVE-2011-4363, to fix unsafe use
> > of temporary file. There is no DSA for this.
> >
> > https://security-tracker.debian.org/tracker/CVE-2011-4363
> >
> > The debdiff contains a debian/gbp.conf (if needed I can remove it).
> > This was added to ease the work in the pkg-perl git repos on that
> > branch.
> >
> > Do the changes look ok for an upload via stable-proposed-updates for
> > stable? The fix did not yet migrate to testing (I had just uploaded
> > the fix to unstable). So it would be same ok to wait for that before
> > proceeding.
> >
> > Regards,
> > Salvatore
>
> Looks good, please upload it and ping us once it has been uploaded.
Done. And thank you!
Regards,
Salvatore
Reply to: