[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Updating rush_1.7+dfsg-1 due to CVE-2013-6889.



Hi,

On Fri, 2014-01-24 at 18:51 +0100, Mats Erik Andersson wrote:
> I would like to pledge for an update of the package
> 
>     rush_1.7+dfsg-1
> 
> within the stable release. The cause is CVE-2013-6889:

For future reference, please file such requests via the BTS; this makes
things much easier for us to track, and reportbug will automatically add
the appropriate tags for you when filing a report.

The only change I'd ask for to the supplied debdiff is:

+rush (1.7+dfsg-1+deb7u1) stable-security; urgency=high

Whilst this will work to get the package in to proposed-updates, it's
potentially confusing for users as the package was not provided via the
security archive; please use the distribution "wheezy" instead.

With the above change, please go ahead; thanks.

Regards,

Adam


Reply to: