Bug#818615: jessie-pu: package gtk+2.0

To: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Cc: Salvatore Bonaccorso <carnil@debian.org>, 818615@bugs.debian.org, control@bugs.debian.org
Subject: Bug#818615: jessie-pu: package gtk+2.0
From: Moritz Mühlenhoff <jmm@inutil.org>
Date: Wed, 23 Mar 2016 23:12:21 +0100
Message-id: <[🔎] 20160323221221.GA28569@pisco.westfalen.local>
Reply-to: Moritz Mühlenhoff <jmm@inutil.org>, 818615@bugs.debian.org
In-reply-to: <[🔎] 1458676600.2441.5.camel@adam-barratt.org.uk>
References: <[🔎] 145832599619.4020.17172577426713991949.reportbug@pisco.westfalen.local> <[🔎] 1458328954.1831.13.camel@adam-barratt.org.uk> <[🔎] 20160318195830.GA27474@eldamar.local> <[🔎] 1458676600.2441.5.camel@adam-barratt.org.uk>

tags 818615 -moreinfo
thanks

On Tue, Mar 22, 2016 at 07:56:40PM +0000, Adam D. Barratt wrote:
> On Fri, 2016-03-18 at 20:58 +0100, Salvatore Bonaccorso wrote:
> > HI Adam,
> > 
> > Not Moritz here but can answer the question as well:
> > 
> > On Fri, Mar 18, 2016 at 07:22:34PM +0000, Adam D. Barratt wrote:
> > > Control: tags -1 + moreinfo
> > > 
> > > On Fri, 2016-03-18 at 19:33 +0100, Moritz Muehlenhoff wrote:
> > > > I'd like to fix a security issue in GTK, which doesn't really warrant
> > > > a DSA. Debdiff below, I've been running this on my jessie
> > > > workstation for a day now.
> > > > 
> > > > Cheers,
> > > >         Moritz
> > > > 
> > > > diff -Nru gtk+2.0-2.24.25/debian/changelog gtk+2.0-2.24.25/debian/changelog
> > > > --- gtk+2.0-2.24.25/debian/changelog	2015-03-03 19:39:59.000000000 +0100
> > > > +++ gtk+2.0-2.24.25/debian/changelog	2016-03-17 23:20:16.000000000 +0100
> > > > @@ -1,3 +1,9 @@
> > > > +gtk+2.0 (2.24.25-3+deb8u1) jessie; urgency=medium
> > > > +
> > > > +  * CVE-2013-7447 (Closes: #799275)
> > > 
> > > The Security Tracker suggests that this isn't fixed in the version of
> > > gtk+2.0 in unstable; is that correct?
> > 
> > Yes it is as well unfixed there. I just have proposed a NMU in
> > https://bugs.debian.org/799275#39
> 
> Thanks for that.
> 
> If we don't notice, please feel free to remove the "moreinfo" tag once
> the NMU reaches unstable.

This is now in unstable:
https://packages.qa.debian.org/g/gtk+2.0/news/20160323T215045Z.html

Cheers,
        Moritz

Reply to:

Follow-Ups:
- Processed: Re: Bug#818615: jessie-pu: package gtk+2.0
  - From: owner@bugs.debian.org (Debian Bug Tracking System)
- Bug#818615: jessie-pu: package gtk+2.0
  - From: "Adam D. Barratt" <adam@adam-barratt.org.uk>

References:
- Bug#818615: jessie-pu: package gtk+2.0
  - From: Moritz Muehlenhoff <jmm@debian.org>
- Bug#818615: jessie-pu: package gtk+2.0
  - From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
- Bug#818615: jessie-pu: package gtk+2.0
  - From: Salvatore Bonaccorso <carnil@debian.org>
- Bug#818615: jessie-pu: package gtk+2.0
  - From: "Adam D. Barratt" <adam@adam-barratt.org.uk>

Prev by Date: Processed: Re: Bug#819119: jessie-pu: package libsndfile/1.0.25-9.1+deb8u1
Next by Date: Processed: Re: Bug#818615: jessie-pu: package gtk+2.0
Previous by thread: Bug#818615: jessie-pu: package gtk+2.0
Next by thread: Processed: Re: Bug#818615: jessie-pu: package gtk+2.0
Index(es):
- Date
- Thread