Bug#949826: buster-pu: package haproxy/1.8.19-1
- To: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 949826@bugs.debian.org
- Cc: Vincent Bernat <bernat@debian.org>
- Subject: Bug#949826: buster-pu: package haproxy/1.8.19-1
- From: Salvatore Bonaccorso <carnil@debian.org>
- Date: Fri, 8 May 2020 14:03:41 +0200
- Message-id: <[🔎] 20200508120341.GA978478@eldamar.local>
- Reply-to: Salvatore Bonaccorso <carnil@debian.org>, 949826@bugs.debian.org
- In-reply-to: <9cc20d068213e6848ba8bf8effa279c39abd549d.camel@adam-barratt.org.uk>
- References: <157995954497.304636.1653483675690470170.reportbug@neo.luffy.cx> <20200126045010.GA5107@pisco.westfalen.local> <157995954497.304636.1653483675690470170.reportbug@neo.luffy.cx> <m3blqqh1gg.fsf@debian.org> <20200208074322.GA1841118@eldamar.local> <157995954497.304636.1653483675690470170.reportbug@neo.luffy.cx> <87eev5cspd.fsf@debian.org> <157995954497.304636.1653483675690470170.reportbug@neo.luffy.cx> <9cc20d068213e6848ba8bf8effa279c39abd549d.camel@adam-barratt.org.uk> <157995954497.304636.1653483675690470170.reportbug@neo.luffy.cx>
Hi,
On Sun, Apr 12, 2020 at 10:34:27PM +0100, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
>
> On Sat, 2020-02-08 at 10:51 +0100, Vincent Bernat wrote:
> > ❦ 8 février 2020 08:43 +01, Salvatore Bonaccorso <carnil@debian.org
> > >:
> >
> > > This needs to be rebased to the 1.8.19-1+deb10u1 which was released
> > > as
> > > DSA 4577-1 AFAICT.
> >
> > Oh, sorry. Here is the updated patch.
>
> Please go ahead.
Too late for buster 10.4 but actually this would need to be rebased to
the 1.8.19-1+deb10u2 as there was another DSA for haproxy (but not
including this CVE fix). So the version will be 1.8.19-1+deb10u3 by
now.
If before the next point release will be another haproxy update this
fix for the CVE can be included as well, IMHO.
Regards,
Salvatore
Reply to: