Bug#703467: pu: package graphviz/2.26.3-5+b1

To: 703467@bugs.debian.org
Cc: David Claughton <dave@eclecticdave.com>
Subject: Bug#703467: pu: package graphviz/2.26.3-5+b1
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Thu, 21 Mar 2013 06:47:49 +0000
Message-id: <[🔎] 1363848469.5873.12.camel@jacala.jungle.funky-badger.org>
Reply-to: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 703467@bugs.debian.org
In-reply-to: <[🔎] 1363809628.5873.6.camel@jacala.jungle.funky-badger.org>
References: <[🔎] 20130319234603.12465.20448.reportbug@davelaptop.home.net> <[🔎] 1363809628.5873.6.camel@jacala.jungle.funky-badger.org>

Control: tags -1 + pending

On Wed, 2013-03-20 at 20:00 +0000, Adam D. Barratt wrote:
> On Tue, 2013-03-19 at 23:46 +0000, David Claughton wrote:
> > Bug #702436 has recently been reported against graphviz, which advises
> > that graphviz is being linked with an ancient shipped version of libltdl
> > instead of the system version.  On investigation it has become clear
> > that the version being linked against is susceptible to a known security
> > issue - DSA-1958-1 (CVE-2009-3736).
> 
> Assuming that the resulting package has been tested on a stable system,
> please go ahead; thanks.

Uploaded and flagged for acceptance in to p-u; thanks.

Regards,

Adam

Reply to:

References:
- Bug#703467: pu: package graphviz/2.26.3-5+b1
  - From: David Claughton <dave@eclecticdave.com>
- Bug#703467: pu: package graphviz/2.26.3-5+b1
  - From: "Adam D. Barratt" <adam@adam-barratt.org.uk>

Prev by Date: Processed: Re: Bug#703458: pu: package clamav/0.97.7+dfsg-1~squeeze1
Next by Date: Processed: Re: Bug#703467: pu: package graphviz/2.26.3-5+b1
Previous by thread: Bug#703467: pu: package graphviz/2.26.3-5+b1
Next by thread: Processed: Re: Bug#703467: pu: package graphviz/2.26.3-5+b1
Index(es):
- Date
- Thread