[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: RFS: new version of asciidoctor (1.5.8-1) ready for review/upload



Hi Joseph,

just a few comments on your changelog:
- there is a typo in the line about standards to 4.2.1 ('standrads')
- closing @91382 should also indicate the CVE reference (with a short
  title for the CVE)

Here is a proposition:

diff --git a/debian/changelog b/debian/changelog
index f98df52..765b7a9 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,9 +1,10 @@
 asciidoctor (1.5.8-1) unstable; urgency=medium
 
-  * New upstream version 1.5.8 (Closes: #913892)
+  * New upstream version 1.5.8
+    + CVE-2018-18385: fix infinite loop in Parser#next_block (Closes: #913892)
   * Refresh patches for new version
   * Fix Timezone tests when SOURCE_DATE_EPOCH is set.
-  * d/control: bump standrards to 4.2.1
+  * d/control: bump standards to 4.2.1
   * d/control: ruby-thread-safe has been dropped from upstream
     in favor of ruby-concurrent
   * d/control: add dependency version from ruby-asciidoctor to the ruby pkg

I don't have time and energy tonight to wait for all reverse
build/dependency to build. But if you agree we my proposition (or make a
new one), I am willing to upload the package tomorrow (wednesday) morning (UTC).

BTW, thanks for making me discover debhelper-compat! Maybe we should use
it globally in gem2deb?

Cheers,

Cédric

Attachment: signature.asc
Description: PGP signature


Reply to: