tags 692434 + patch tags 692434 + pending thanks Dear maintainer,
I've prepared an NMU for yui (versioned as 2.9.0-1.1) and uploaded it to DELAYED/5. Please feel free to tell me if I should delay it longer or cancel it. Regards, Dominic. -- Dominic Hargreaves | http://www.larted.org.uk/~dom/ PGP key 5178E2A5 from the.earth.li (keyserver,web,email)
diff -Nru yui-2.9.0/debian/changelog yui-2.9.0/debian/changelog --- yui-2.9.0/debian/changelog 2012-06-29 20:47:34.000000000 +0100 +++ yui-2.9.0/debian/changelog 2013-02-02 16:30:55.000000000 +0000 @@ -1,3 +1,11 @@ +yui (2.9.0-1.1) unstable; urgency=low + + * Non-maintainer upload. + * Disable installation of uploader.swf and swfstore.swf as examples + owing to unfixed security issues (Closes: #692434) + + -- Dominic Hargreaves <d...@earth.li> Sat, 02 Feb 2013 16:30:52 +0000 + yui (2.9.0-1) unstable; urgency=low * New upstream version. diff -Nru yui-2.9.0/debian/rules yui-2.9.0/debian/rules --- yui-2.9.0/debian/rules 2012-06-29 22:09:11.000000000 +0100 +++ yui-2.9.0/debian/rules 2013-02-02 16:30:01.000000000 +0000 @@ -20,16 +20,19 @@ as3compile com/yui/util/connection.as -M connection -R -o connection.swf && \ mv connection.swf ../../../build/connection - cd src/uploader/as && \ - as3compile Uploader.as -M Uploader -R -o uploader.swf && \ - cp uploader.swf ../../../examples/uploader/assets && \ - mv uploader.swf ../../../build/uploader/assets + # Disable installation of uploader.swf and swfstore.swf due to + # known security issues without published source code fixes + # (CVE-2012-5882 and CVE-2012-5883 respectively) + #cd src/uploader/as && \ + #as3compile Uploader.as -M Uploader -R -o uploader.swf && \ + #cp uploader.swf ../../../examples/uploader/assets && \ + #mv uploader.swf ../../../build/uploader/assets - cd src/swfstore/as && \ - as3compile SWFStore.as -M SWFStore -R -o swfstore.swf && \ - cp swfstore.swf ../../../examples/storage && \ - cp swfstore.swf ../../../examples/swfstore && \ - mv swfstore.swf ../../../build/swfstore + #cd src/swfstore/as && \ + #as3compile SWFStore.as -M SWFStore -R -o swfstore.swf && \ + #cp swfstore.swf ../../../examples/storage && \ + #cp swfstore.swf ../../../examples/swfstore && \ + #mv swfstore.swf ../../../build/swfstore override_dh_clean: -rm -rf as-docs/Charts.html as-docs/com/yahoo/astra/fl/charts \