Fixing CVE-2013-4396 in squeeze-backports

To: Debian X Strike Force <debian-x@lists.debian.org>
Subject: Fixing CVE-2013-4396 in squeeze-backports
From: intrigeri <intrigeri@debian.org>
Date: Wed, 23 Oct 2013 09:47:39 +0200
Message-id: <[🔎] 85d2mwpgx0.fsf@boum.org>

Hi,

do you have any plans to fix CVE-2013-4396 in squeeze-backports?
(Rationale: Tails ships Xorg from squeeze-backports.)

If you don't, may I assume that the following would work:

  1. set up a Squeeze + backports chroot
  2. retrieve the xorg-server source package from squeeze-backports
  3. add the patch that was applied in the Wheezy security update
  4. build in the aforementioned chroot

?

I'm absolutely no C programmer, so if the patch doesn't apply clearly
or whatever, I'll be clueless and will need help. Also, it's unlikely
that I have time to deal with that before a week or so, so it's
clearly better if someone else does.

Cheers,
-- 
  intrigeri
  | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
  | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc

Reply to:

Follow-Ups:
- Re: Fixing CVE-2013-4396 in squeeze-backports
  - From: Julien Cristau <jcristau@debian.org>

Prev by Date: Bug#726750: (no subject)
Next by Date: xorg-server: Changes to 'debian-unstable'
Previous by thread: Bug#726750: (no subject)
Next by thread: Re: Fixing CVE-2013-4396 in squeeze-backports
Index(es):
- Date
- Thread