On Tue, Aug 23, 2005 at 02:20:41PM +0200, Zoran Dzelajlija wrote: > Quoting Steve Langasek ([EMAIL PROTECTED]): > > On Mon, Aug 22, 2005 at 08:11:27PM +0200, Zoran Dzelajlija wrote: > > > Hi, any word of a sarge release to cover CAN-2005-1921 and, to kill two > > > flies, the new XML_RPC bug CAN-2005-2498? I've applied Ubuntu's > > > patches for both to a local build without much hassle... > > > > If you can provide me a direct URL for the Ubuntu security patches, I can > > probably find time to roll an update for the security team if Adam's busy.
> Patches for XML_RPC, CAN-2005-1921 and CAN-2005-2498 can be found in for > example > ftp://archive.ubuntu.com/ubuntu/pool/universe/p/php4-universe/php4-universe_4.3.10-10ubuntu3.4.diff.gz Unfortunately, so can lots of other things; that's not an isolated security fix, which is what I would need in order to deal with this quickly. However, Adam is committing the security fixes to the Debian pkg-php svn tree now, AIUI, so this soon should not be an issue. > > > Also, is there some user-friendly documentation aobut the new BTS > > > features (found vs. tagging for sarge)? > > No, there doesn't seem to be any user-friendly documentation yet, just the > > information that was posted to debian-devel-announce. :) > Eh. Should I file bugs for the bugs.debian.org or something? ;-) Might not be a bad idea. :) -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. [EMAIL PROTECTED] http://www.debian.org/
signature.asc
Description: Digital signature
