Bug#829130: jessie-pu: package wget/1.16-1+deb8u1

To: 829130@bugs.debian.org, Noël Köthe <noel@debian.org>
Subject: Bug#829130: jessie-pu: package wget/1.16-1+deb8u1
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Tue, 5 Jul 2016 15:44:46 +0200
Message-id: <[🔎] 20160705134446.GA5596@eldamar.local>
Reply-to: Salvatore Bonaccorso <carnil@debian.org>, 829130@bugs.debian.org
In-reply-to: <146731576445.1948.182953883315297323.reportbug@lorien.valinor.li>
References: <146731576445.1948.182953883315297323.reportbug@lorien.valinor.li>

Hi,

On Thu, Jun 30, 2016 at 09:42:44PM +0200, Salvatore Bonaccorso wrote:
> Package: release.debian.org
> Severity: normal
> Tags: jessie
> User: release.debian.org@packages.debian.org
> Usertags: pu
> 
> Hi stable release managers,
> 
> wget in stable is affected by CVE-2016-4971, an issue where wget does
> not correctly handle filenames when beeing redirected from a HTTP to a
> FTP URL. We think that this does not necessarly need a DSA, but still
> would be good to be fixed in stable. I thus have prepared a debdiff,
> attached. Bug in BTS is #827003.
> 
> The debdiff contains an increasing debian/wget.debhelper.log.
> 
> If you allow me to, I can prepare a new debdiff, to clean this up as
> well, by using dh_prep instead of dh_clean -k for the build target.
> Would that be fine?
> 
> But attached the debdiff without that packaging change.

JFTR, if actually Noël Köthe <noel@debian.org> would like to do the
upload himself, I can happily hand over.

Regards,
Salvatore

Reply to:

Follow-Ups:
- Bug#829130: jessie-pu: package wget/1.16-1+deb8u1
  - From: Noël Köthe <noel@debian.org>

Prev by Date: Re: Unsattisfied dependency python-cffi-backend-api-min (<= 9729)
Next by Date: Re: Unsattisfied dependency python-cffi-backend-api-min (<= 9729)
Previous by thread: Processed: tagging 829606
Next by thread: Bug#829130: jessie-pu: package wget/1.16-1+deb8u1
Index(es):
- Date
- Thread