On 07/18/2013 09:34 PM, Salvatore Bonaccorso wrote:
> but Antonin replied on
> another bug: http://bugs.debian.org/717173#17
I'm not sure I get it. Are #715007 and #717173 the same issue? They seem
to be different CVE# though.
BTW, there's more to it than what I just sent as patch. The FTBFS needs
to be addressed. My (ugly) solution would be:
--- mongodb-2.4.3.orig/src/mongo/util/time_support.h
+++ mongodb-2.4.3/src/mongo/util/time_support.h
@@ -99,7 +99,7 @@ namespace mongo {
#if defined(MONGO_BOOST_TIME_UTC_HACK) || (BOOST_VERSION >= 105000)
#define MONGO_BOOST_TIME_UTC boost::TIME_UTC_
#else
-#define MONGO_BOOST_TIME_UTC boost::TIME_UTC
+#define MONGO_BOOST_TIME_UTC boost::TIME_UTC_
Also, the debian/rules should rm -rf the build folder (to address #715015).
Please fix all these soon. And yes, cherry-pick a fix, if it seems more
easy and faster to have the bug addressed, would be nice.
Also, I would need a mongodb backport in Wheezy. It's the tradition to
first ask the maintainer. I need the RC bugs to be fixed before I can do
it, and this for sure includes a fix for #715007 / CVE-2013-4650. Would
the maintainer take care of the backport, or shall I do it?
Cheers, and thanks for maintaining MongoDB,
Thomas Goirand (zigo)
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
