Re: Updating rush_1.7+dfsg-1 due to CVE-2013-6889.

To: Mats Erik Andersson <mats.andersson@gisladisker.se>
Cc: debian-release@lists.debian.org
Subject: Re: Updating rush_1.7+dfsg-1 due to CVE-2013-6889.
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Fri, 24 Jan 2014 18:37:24 +0000
Message-id: <[🔎] 1390588644.4132.12.camel@jacala.jungle.funky-badger.org>
In-reply-to: <[🔎] 20140124175115.GA10994@mail.gisladisker.se>
References: <[🔎] 20140124175115.GA10994@mail.gisladisker.se>

Hi,

On Fri, 2014-01-24 at 18:51 +0100, Mats Erik Andersson wrote:
> I would like to pledge for an update of the package
> 
>     rush_1.7+dfsg-1
> 
> within the stable release. The cause is CVE-2013-6889:

For future reference, please file such requests via the BTS; this makes
things much easier for us to track, and reportbug will automatically add
the appropriate tags for you when filing a report.

The only change I'd ask for to the supplied debdiff is:

+rush (1.7+dfsg-1+deb7u1) stable-security; urgency=high

Whilst this will work to get the package in to proposed-updates, it's
potentially confusing for users as the package was not provided via the
security archive; please use the distribution "wheezy" instead.

With the above change, please go ahead; thanks.

Regards,

Adam

Reply to:

References:
- Updating rush_1.7+dfsg-1 due to CVE-2013-6889.
  - From: Mats Erik Andersson <mats.andersson@gisladisker.se>

Prev by Date: Updating rush_1.7+dfsg-1 due to CVE-2013-6889.
Next by Date: Bug#736541: pu: package libquvi-scripts/0.4.21-1~deb7u1
Previous by thread: Updating rush_1.7+dfsg-1 due to CVE-2013-6889.
Next by thread: Bug#736541: pu: package libquvi-scripts/0.4.21-1~deb7u1
Index(es):
- Date
- Thread