Bug#754834: squeeze-pu: package libdbi-perl/1.612-1+deb6u1
Control: tags -1 + pending
On Mon, 2014-07-14 at 22:35 +0200, Salvatore Bonaccorso wrote:
> On Mon, Jul 14, 2014 at 09:26:06PM +0100, Adam D. Barratt wrote:
> > On Mon, 2014-07-14 at 22:14 +0200, Salvatore Bonaccorso wrote:
> > > This is the corresponding proposed update for libdbi-perl as for
> > > wheezy, see [1], in case I'm still in time for squeeze-pu. Attached is
> > > proposed debdiff for squeeze. libplrpc-perl was removed from the
> > > archive for unstable[1] as it uses Storable in an unsafe way, leading
> > > to a remote code execution vulnerability. The idea is to also drop
> > > libplrpc-perl from squeeze. As first step again the dependency needs
> > > to be removed from libdbi-perl.
> > >
> > > [1] https://bugs.debian.org/751527
> >
> > As mentioned on IRC, I think we should get this sorted for Squeeze,
> > despite being after the window officially closed. Please go ahead;
> > thanks.
>
> Thank you, uploaded.
Flagged for acceptance.
Regards,
Adam
Reply to: