[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#818615: jessie-pu: package gtk+2.0

HI Adam,

Not Moritz here but can answer the question as well:

On Fri, Mar 18, 2016 at 07:22:34PM +0000, Adam D. Barratt wrote:
> Control: tags -1 + moreinfo
> 
> On Fri, 2016-03-18 at 19:33 +0100, Moritz Muehlenhoff wrote:
> > I'd like to fix a security issue in GTK, which doesn't really warrant
> > a DSA. Debdiff below, I've been running this on my jessie
> > workstation for a day now.
> > 
> > Cheers,
> >         Moritz
> > 
> > diff -Nru gtk+2.0-2.24.25/debian/changelog gtk+2.0-2.24.25/debian/changelog
> > --- gtk+2.0-2.24.25/debian/changelog	2015-03-03 19:39:59.000000000 +0100
> > +++ gtk+2.0-2.24.25/debian/changelog	2016-03-17 23:20:16.000000000 +0100
> > @@ -1,3 +1,9 @@
> > +gtk+2.0 (2.24.25-3+deb8u1) jessie; urgency=medium
> > +
> > +  * CVE-2013-7447 (Closes: #799275)
> 
> The Security Tracker suggests that this isn't fixed in the version of
> gtk+2.0 in unstable; is that correct?

Yes it is as well unfixed there. I just have proposed a NMU in
https://bugs.debian.org/799275#39

Hope this helps,

Regards,
Salvatore
Reply to: