package libpng block 476669 by 469126 401467 + pending 404514 + pending 431202 + pending 469126 + pending 476669 + pending thanks
On Sat, Apr 19, 2008 at 01:22:38PM +0200, Nico Golde wrote: >Hi Aníbal, >*Aníbal Monsalve Salazar <[EMAIL PROTECTED]> [2008-04-19 12:51]: >>On Fri, Apr 18, 2008 at 07:07:00PM -0400, Glenn Randers-Pehrson wrote: >>>I don't think we need to delay the scheduled 21 April release of >>>>libpng-1.2.27rc1 and 30 April release of libpng-1.2.27 for this, >>>unless problems turn up in the next couple of days. >> >>CVE-2008-1382 will be fixed with libpng-1.2.27 and upstream plans to >>release libpng-1.2.27 on 30 April. > >What about patching 1.2.15~beta5-3? I can't patch 1.2.15~beta5-3, see http://bugs.debian.org/469126 However, I'm currently testing 1.2.26 with the diff between 1.2.26 and 1.2.27beta05 which includes the fix for CVE-2008-1382. >Cheers >Nico >-- >Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF >For security reasons, all text in this mail is double-rot13 encrypted.
signature.asc
Description: Digital signature
