On Sun, Feb 17, 2013 at 12:16:32AM +0100, Jeremy Lainé wrote:
> Dear release team,
>
> Yesterday the following security vulnerability in the "pyrad" package was brought to my attention by Salvatore Bonaccorso:
>
> https://security-tracker.debian.org/tracker/CVE-2013-0294
>
> It is tracked in the following bug:
>
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700669
>
> I have uploaded version 1.2-1+deb7u1 targeted at testing-proposed-updates (debdiff attached), as unstable carries a different upstream version. Could you please let this version into wheezy?
It's traditional to seek approval *before* uploading; more so in this case
since adding a patch system is a no-no. The change itself is fine, please
upload with this only. You will have to bump the version number IIRC.
--
Jonathan Wiltshire jmw@debian.org
Debian Developer http://people.debian.org/~jmw
4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51
<directhex> i have six years of solaris sysadmin experience, from
8->10. i am well qualified to say it is made from bonghits
layered on top of bonghits
Attachment:
signature.asc
Description: Digital signature