Bug#703467: pu: package graphviz/2.26.3-5+b1

To: David Claughton <dave@eclecticdave.com>, 703467@bugs.debian.org
Subject: Bug#703467: pu: package graphviz/2.26.3-5+b1
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Wed, 20 Mar 2013 20:00:28 +0000
Message-id: <[🔎] 1363809628.5873.6.camel@jacala.jungle.funky-badger.org>
Reply-to: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 703467@bugs.debian.org
In-reply-to: <[🔎] 20130319234603.12465.20448.reportbug@davelaptop.home.net>
References: <[🔎] 20130319234603.12465.20448.reportbug@davelaptop.home.net>

Control: tags -1 + squeeze confirmed

On Tue, 2013-03-19 at 23:46 +0000, David Claughton wrote:
> Bug #702436 has recently been reported against graphviz, which advises
> that graphviz is being linked with an ancient shipped version of libltdl
> instead of the system version.  On investigation it has become clear
> that the version being linked against is susceptible to a known security
> issue - DSA-1958-1 (CVE-2009-3736).

Assuming that the resulting package has been tested on a stable system,
please go ahead; thanks.

Regards,

Adam

Reply to:

Follow-Ups:
- Bug#703467: pu: package graphviz/2.26.3-5+b1
  - From: "Adam D. Barratt" <adam@adam-barratt.org.uk>

References:
- Bug#703467: pu: package graphviz/2.26.3-5+b1
  - From: David Claughton <dave@eclecticdave.com>

Prev by Date: #703146 release critical?
Next by Date: Processed: Re: Bug#703467: pu: package graphviz/2.26.3-5+b1
Previous by thread: Bug#703467: pu: package graphviz/2.26.3-5+b1
Next by thread: Bug#703467: pu: package graphviz/2.26.3-5+b1
Index(es):
- Date
- Thread