Bug#928292: stretch-pu: package signing-party/2.5-1

To: Guilhem Moulin <guilhem@debian.org>, 928292@bugs.debian.org, Salvatore Bonaccorso <carnil@debian.org>
Subject: Bug#928292: stretch-pu: package signing-party/2.5-1
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Mon, 03 Jun 2019 15:17:05 +0100
Message-id: <[🔎] 1559571425.4099.24.camel@adam-barratt.org.uk>
Reply-to: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 928292@bugs.debian.org
In-reply-to: <20190501115222.GA8893@debian.org>
References: <20190501112726.GA3737@debian.org> <20190501113712.GA4370@eldamar.local> <20190501112726.GA3737@debian.org> <20190501115222.GA8893@debian.org> <20190501112726.GA3737@debian.org>

Control: tags -1 +  confirmed

On Wed, 2019-05-01 at 13:52 +0200, Guilhem Moulin wrote:
> Hi Salvatore,
> 
> On Wed, 01 May 2019 at 13:37:12 +0200, Salvatore Bonaccorso wrote:
> > On Wed, May 01, 2019 at 01:27:26PM +0200, Guilhem Moulin wrote:
> > > +signing-party (2.5-1+deb9u1) stretch; urgency=medium
> > > +
> > > +  * Backport security fix for CVE-2018-15599: unsafe shell call
> > > enabling shell
> > 
> >                               ^^^^^^^^^^^^^^ That would be CVE-
> > 2019-11627
> > 
> > (and as well for the patch name itself).
> 
> Ooops, I got fooled by my copy-paste fu, and did the same mistake in
> 2.10-1…  Thanks for spotting!  New debdiff attached.

Please go ahead.

Regards,

Adam

Reply to:

Prev by Date: Processed: Re: Bug#928553: stretch-pu: package libthrift-java/0.9.1-2.1~deb9u1
Next by Date: Processed: Re: Bug#928292: stretch-pu: package signing-party/2.5-1
Previous by thread: Processed: Re: Bug#928553: stretch-pu: package libthrift-java/0.9.1-2.1~deb9u1
Next by thread: Processed: Re: Bug#928292: stretch-pu: package signing-party/2.5-1
Index(es):
- Date
- Thread