Dear maintainer,
Here is the NMU diff according to DevRef 5.11.1[1][2] for bug: #598299.
See the debian/patches directory for the important fixes.
Please let me know if it's ok to proceed with NMU.
Thank you for maintaining the package,
Jari Aalto
[1] http://www.debian.org/doc/developers-reference/pkgs.html#nmu
[2] http://dep.debian.net/deps/dep1.html
lsdiff(1) of changes:
mono-debugger-2.6.3/debian/changelog
mono-debugger-2.6.3/build/mdb.in
mono-debugger-2.6.3/build/mdb-symbolreader.in
diffstat for mono-debugger_2.6.3-2 mono-debugger_2.6.3-2.1
build/mdb-symbolreader.in | 2 +-
build/mdb.in | 2 +-
mono-debugger-2.6.3/debian/changelog | 11 +++++++++++
3 files changed, 13 insertions(+), 2 deletions(-)
diff -u mono-debugger-2.6.3/debian/changelog mono-debugger-2.6.3/debian/changelog
--- mono-debugger-2.6.3/debian/changelog
+++ mono-debugger-2.6.3/debian/changelog
@@ -1,3 +1,14 @@
+mono-debugger (2.6.3-2.1) unstable; urgency=low
+
+ * Non-maintainer upload.
+ - Fix for CVE-2010-3369 (grave, security; Closes: #598299).
+ * build/mdb-symbolreader.in
+ - (LD_LIBRARY_PATH): Use only if non-empty.
+ * build/mdb.in
+ - (LD_LIBRARY_PATH): Use only if non-empty.
+
+ -- Jari Aalto <jari.aa...@cante.net> Sat, 16 Oct 2010 17:46:16 +0300
+
mono-debugger (2.6.3-2) unstable; urgency=low
* Upload to Debian Unstable
only in patch2:
unchanged:
--- mono-debugger-2.6.3.orig/build/mdb.in
+++ mono-debugger-2.6.3/build/mdb.in
@@ -1,3 +1,3 @@
#!/bin/sh
-export LD_LIBRARY_PATH="@libdir@:${LD_LIBRARY_PATH}"
+export LD_LIBRARY_PATH="@lib...@${ld_library_path:+:$LD_LIBRARY_PATH}"
exec @mono@ --debug @twodir@/mdb.exe $*
only in patch2:
unchanged:
--- mono-debugger-2.6.3.orig/build/mdb-symbolreader.in
+++ mono-debugger-2.6.3/build/mdb-symbolreader.in
@@ -1,3 +1,3 @@
#!/bin/sh
-export LD_LIBRARY_PATH="@libdir@:${LD_LIBRARY_PATH}"
+export LD_LIBRARY_PATH="@lib...@${ld_library_path:+:$LD_LIBRARY_PATH}"
exec @mono@ --debug @twodir@/mdb-symbolreader.exe $*
