Re: [rt.debian.org #3892] AutoReply CC: kfreebsd-8: cve-2012-0217
2012/6/21 Steven Chamberlain <firstname.lastname@example.org>:
> I'm assuming you created that RT ticket? I was included on Cc:, but I
> can't view via the web without an account.
Yes. I included you on CC. The web interface is at
http://rt.debian.org, but I'm not sure if I'm allowed to give access
to others (maybe ask DSA?).
> I also didn't see the
> initial post and don't know the status of this.
Sorry. It seems I can't check the status either, even though I
created the ticket myself :-(
> I tried to follow up just now to a comment (I can't see the author) that
> was posted and I've no idea if my reply was accepted. Just wanted to
> check this with you in case my reply to RT isn't visible:
>> On 21/06/12 18:36, Debian Developer via RT wrote:
>>> > Careful, patch in SVN repository can't be used as-is. See:
>>> > http://lists.debian.org/debian-bsd/2012/06/msg00214.html
> My reply:
>> After querying it with upstream they confirmed it was incorrect
>> (ineffective), has now been fixed, and I already committed r4320 which
>> matches upstream's correction. Please also see my follwup on debian-bsd:
> In other words the current SVN is fine for release. Hopefully soon,
> because the exploit is due to be be demonstrated publicly tomorrow.
CCing debian-security. Hopefully someone will pick this up...