Bug#726874: pu: package darktable/1.0.4-1+deb7u1

To: David Bremner <bremner@debian.org>, 726874@bugs.debian.org
Subject: Bug#726874: pu: package darktable/1.0.4-1+deb7u1
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Sun, 20 Oct 2013 21:51:46 +0100
Message-id: <[🔎] 1382302306.31413.39.camel@jacala.jungle.funky-badger.org>
Reply-to: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 726874@bugs.debian.org
In-reply-to: <[🔎] 20131020021255.19205.30411.reportbug@zancas.localnet>
References: <[🔎] 20131020021255.19205.30411.reportbug@zancas.localnet>

Control: tags -1 + confirmed

On Sat, 2013-10-19 at 23:12 -0300, David Bremner wrote:
> I have prepared a targeted upload which closes two CVEs.
> 
> These are relatively mild security bugs in the embedded copy of libraw
> (which cannot be trivially removed, alas). 
> 
> A debdiff is attached.  I believe the risk of the update is relatively
> low, since according to darktable upstream only a few code paths
> actually use libraw. On the other hand, I did have to monkey with the
> patch a bit by hand to get it to apply, since libraw upstream provided
> a patch against a later version.

Assuming the patch has been tested on a stable system, please go ahead;
thanks.

Regards,

Adam

Reply to:

Follow-Ups:
- Bug#726874: pu: package darktable/1.0.4-1+deb7u1
  - From: "Adam D. Barratt" <adam@adam-barratt.org.uk>

References:
- Bug#726874: pu: package darktable/1.0.4-1+deb7u1
  - From: David Bremner <bremner@debian.org>

Prev by Date: Bug#726807: pu: package usemod-wiki/1.0.5-1
Next by Date: Processed: Re: Bug#726874: pu: package darktable/1.0.4-1+deb7u1
Previous by thread: Bug#726874: pu: package darktable/1.0.4-1+deb7u1
Next by thread: Bug#726874: pu: package darktable/1.0.4-1+deb7u1
Index(es):
- Date
- Thread