-=| Dominic Hargreaves, 11.10.2011 14:33:42 +0100 |=- > On Sat, Oct 01, 2011 at 12:44:33PM +0200, Moritz Mühlenhoff wrote: > > Did update this receive testing?
The changes look sane "in theory". They address all mentions of FCGI::ENV in the source. The RT testing by Dominic seems sufficient additional assurance to me. > > distribution needs to point to stable-security, not unstable. And > > while you're at it, please modify 0.71-1+squeeze.1 to 0.71-1+squeeze1 > > for consistency. Right. Thanks! > Hello Damyan, are you planning to do this or do you need someone > else to take over? IMO this one warrants a DSA. Thanks for the nudge. I have pushed the squeeze branch of http://anonscm.debian.org/gitweb/?p=pkg-perl/packages/libfcgi-perl.git;a=summary with the changes so others can take over for the actual uploading if I am away. The squeeze version still has Vcs-Svn in its control file. Would it be acceptable to change that too? Current changelog: libfcgi-perl (0.71-1+squeezei1) stable-security; urgency=high * Add patch from upstream bug tracker fixing CVE-2011-2766 Closes: #607479. Thaks to Ferdinand for reporting, Russ Allbery for the analysis and chansen for the patch. -- Damyan Ivanov <[email protected]> Wed, 12 Oct 2011 11:50:21 +0300
signature.asc
Description: Digital signature
