[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#700251: pu: package libproc-processtable-perl/0.45-1+squeeze1



Hi Niels

On Sun, Feb 10, 2013 at 05:04:51PM +0100, Niels Thykier wrote:
> Control: tags -1 confirmed
> 
> On 2013-02-10 17:00, Salvatore Bonaccorso wrote:
> > Package: release.debian.org
> > Severity: normal
> > User: release.debian.org@packages.debian.org
> > Usertags: pu
> > 
> > Hi
> > 
> > I prepared a patch for libproc-processtable-perl (the same as for the
> > upload to unstable) to fix #650500: CVE-2011-4363, to fix unsafe use
> > of temporary file. There is no DSA for this.
> > 
> >  https://security-tracker.debian.org/tracker/CVE-2011-4363
> >  
> > The debdiff contains a debian/gbp.conf (if needed I can remove it).
> > This was added to ease the work in the pkg-perl git repos on that
> > branch.
> > 
> > Do the changes look ok for an upload via stable-proposed-updates for
> > stable? The fix did not yet migrate to testing (I had just uploaded
> > the fix to unstable). So it would be same ok to wait for that before
> > proceeding.
> > 
> > Regards,
> > Salvatore
> 
> Looks good, please upload it and ping us once it has been uploaded.

Done. And thank you!

Regards,
Salvatore


Reply to: