[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#819658: jessie-pu: package hexchat/2.10.1-1



Here are the files for the update.

On Thu, Mar 31, 2016 at 9:28 AM, Jesse Rhodes <drubo@drubo.net> wrote:
> Package: release.debian.org
> Severity: normal
> Tags: jessie
> User: release.debian.org@packages.debian.org
> Usertags: pu
>
> Hi,
>
> I have prepared a patch for hexchat_2.10.1-1 in jessie for this issue,
> https://security-tracker.debian.org/tracker/TEMP-0776609-026A07
>
> It is also referenced in debian bug # 818009.
>
> I am the hexchat maintainer and this patch comes from upstream, via
> the following 2 commits:
>
> https://github.com/hexchat/hexchat/commit/c99f2ba645d1f4d01d6d2bb0cc1238825e15c604
> https://github.com/hexchat/hexchat/commit/b6fa8574cb8e57db311fff2ada7ede3548617dd3
>
> (The first commit depends on the changes made in the second.)
>
> I built the updated package in a jessie pbuilder and tested it in a
> jessie vm. I can verify that:
> - hexchat now verifies hostnames when ssl is in use
> - hexchat appears to behave normally otherwise
>
> I spoke with the debian security team and they advised me that they would
> not issue a DSA for this, and that I should submit it to jessie-proposed-updates
> instead.
>
> Please let me know if you require anything else.
>
> Thanks
>
> sney
>
>
> -- System Information:
> Debian Release: 8.3
>   APT prefers stable-updates
>   APT policy: (500, 'stable-updates'), (500, 'stable')
> Architecture: amd64 (x86_64)
>
> Kernel: Linux 3.16.0-4-amd64 (SMP w/1 CPU core)
> Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/dash
> Init: systemd (via /run/systemd/system)

Attachment: hexchat_2.10.1-1+deb8u1.debian.tar.xz
Description: Binary data

Attachment: hexchat_2.10.1-1+deb8u1.dsc
Description: Binary data


Reply to: