Hello everybody, > > Hello everybody, > > there's something unclear to me. > > > > DSA-2505-1 [1] states that CVE-2012-3363 is fixed in unstable by > > zendframework/1.11.12-1 and the tracker seems to agree [2]. > > > > [1] https://lists.debian.org/debian-security-announce/2012/msg00145.html > > [2] http://security-tracker.debian.org/tracker/CVE-2012-3363 > > > > Good, but... where in the world is zendframework/1.11.12-1 ? > > > > The DSA was issued on last Friday. > > Nonetheless, it seems that zendframework/1.11.12-1 has not yet > > materialized: > > > > $ rmadison zendframework > > > > zendframework | 1.10.6-1 | squeeze | source, all > > zendframework | 1.10.6-1squeeze1 | squeeze-p-u | source, all > > zendframework | 1.10.6-1squeeze1 | squeeze-security | source, all > > zendframework | 1.11.11-1 | wheezy | source, all > > zendframework | 1.11.11-1 | sid | source, all > > Adding Frank Habermann to CC: since he's the uploader :) > > It seems that there were issues in the upload queue at the time he did > the upload for stable, not sure what the status is now. Frank, any idea? Sorry for all the trouble first. First stuff as new Debian Maint ;) The package was rejected with this error: Source package zendframework does not have 'DM-Upload-Allowed: yes' in its most recent version (1.11.11-1) So it must be sponsered first. Could be someone of you sponser it or i will ask my old sponsor. Package can be found here: http://debian.lordlamer.de/zendframework/1.11.12/zendframework_1.11.12-1.dsc As is said i am very sorry for all the trouble. Frank
Attachment:
signature.asc
Description: This is a digitally signed message part.