Bug#861481: unblock: weechat/1.6-1+deb9u1

To: Salvatore Bonaccorso <carnil@debian.org>, 861481@bugs.debian.org
Subject: Bug#861481: unblock: weechat/1.6-1+deb9u1
From: Niels Thykier <niels@thykier.net>
Date: Sat, 29 Apr 2017 15:23:00 +0000
Message-id: <[🔎] c9ec091e-6a9b-2945-7aa5-826f0f73a6fa@thykier.net>
Reply-to: Niels Thykier <niels@thykier.net>, 861481@bugs.debian.org
In-reply-to: <[🔎] 149347793708.2669.8911407783817607998.reportbug@lorien.valinor.li>
References: <[🔎] 149347793708.2669.8911407783817607998.reportbug@lorien.valinor.li>

Control: tags -1 confirmed moreinfo

Salvatore Bonaccorso:
> Package: release.debian.org
> Severity: normal
> User: release.debian.org@packages.debian.org
> Usertags: unblock
> 
> Hi
> 
> Disclaimer: please note, not the maintainer here, but Emmanuel is
> X-Debbug-CC'ed.
> 
> Please unblock package weechat
> 
> I guess 1.7-3 as in unstable, fixing CVE-2017-8073, #861121 cannot be
> unblocked, since the changes to 1.6-1 are way to much (if yes, though,
> that would great). If not, I propose a targeted fix to fix this CVE:
> 
> +weechat (1.6-1+deb9u1) stretch; urgency=medium
> +
> +  * Non-maintainer upload.
> +  * irc: fix parsing of DCC filename (CVE-2017-8073) (Closes: #861121)
> +
> + -- Salvatore Bonaccorso <carnil@debian.org>  Sat, 29 Apr 2017 16:31:58 +0200
> 
> The issue is as well fixed already in stable via a DSA.
> 
> unblock weechat/1.6-1+deb9u1
> 
> Regards
> Salvatore
> 

Ack, please ago ahead with the tpu upload.

Thanks,
~Niels

Reply to:

Follow-Ups:
- Bug#861481: unblock: weechat/1.6-1+deb9u1
  - From: Salvatore Bonaccorso <carnil@debian.org>

References:
- Bug#861481: unblock: weechat/1.6-1+deb9u1
  - From: Salvatore Bonaccorso <carnil@debian.org>

Prev by Date: Bug#861485: unblock: espeak-ng/1.49.0+dfsg-10
Next by Date: Processed: Re: Bug#861481: unblock: weechat/1.6-1+deb9u1
Previous by thread: Bug#861481: unblock: weechat/1.6-1+deb9u1
Next by thread: Bug#861481: unblock: weechat/1.6-1+deb9u1
Index(es):
- Date
- Thread