[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [rt.debian.org #3892] AutoReply CC: kfreebsd-8: cve-2012-0217

2012/6/21 Steven Chamberlain <steven@pyro.eu.org>:
> I'm assuming you created that RT ticket?  I was included on Cc:, but I
> can't view via the web without an account.

Yes. I included you on CC.  The web interface is at
http://rt.debian.org, but I'm not sure if I'm allowed to give access
to others (maybe ask DSA?).

>  I also didn't see the
> initial post and don't know the status of this.

Sorry.  It seems I can't check the status either, even though I
created the ticket myself :-(

> I tried to follow up just now to a comment (I can't see the author) that
> was posted and I've no idea if my reply was accepted.  Just wanted to
> check this with you in case my reply to RT isn't visible:
>> On 21/06/12 18:36, Debian Developer via RT wrote:
>>> > Careful, patch in SVN repository can't be used as-is. See:
>>> > http://lists.debian.org/debian-bsd/2012/06/msg00214.html
> My reply:
>> After querying it with upstream they confirmed it was incorrect
>> (ineffective), has now been fixed, and I already committed r4320 which
>> matches upstream's correction.  Please also see my follwup on debian-bsd:
>> https://lists.debian.org/debian-bsd/2012/06/msg00246.html
> In other words the current SVN is fine for release.  Hopefully soon,
> because the exploit is due to be be demonstrated publicly tomorrow.

CCing debian-security. Hopefully someone will pick this up...

Robert Millan

Reply to: