Bug#650601: (no subject)
Hi Julien, thanks for the fast answer, I updated libpng, the package should be less broken than the previous one.
It is available in mentors, experimental suite.
Feel free to upload it.
I know it is still preliminar, but can be a good place for starting the transition
http://mentors.debian.net/package/libpng
I'll address some of the lintian warnings later, if needed.
thanks
Gianfranco
----- Messaggio originale -----
> Da: Julien Cristau <jcristau@debian.org>
> A: Gianfranco Costamagna <costamagnagianfranco@yahoo.it>; 650601@bugs.debian.org
> Cc:
> Inviato: Sabato 3 Agosto 2013 18:00
> Oggetto: Re: Bug#650601: (no subject)
>
> On Sat, Aug 3, 2013 at 13:51:58 +0100, Gianfranco Costamagna wrote:
>
>> Hi Developers and release team.
>>
>>
>> Since libpng 1.5.11 is vulnerable to CVE-2012-3386 [1], fixed in 1.5.12 and
> 1.6.3, and that this transition hadn't hit wheezy, I would like to suggest
> you to change the transition directly to 1.6.3 instead of 1.5.
>>
> Not our call. Somebody needs to get a not-completely-broken newer
> libpng package in to experimental, then we can talk.
>
> Cheers,
> Julien
>
Reply to: