Salvatore Bonaccorso <car...@debian.org> writes: > Can you point me to the errors you found? Since I added I think most > of those entries I would like to correct them if I wrongly commited.
Sure. Hope I haven't made too many mistakes myself :-) * CVE-2016-2365 / TALOS-CAN-0133 https://bitbucket.org/pidgin/main/commits/5fa3f2bc69d7 - commit message says TALOS-CAN-0128. - believe correct patch is 1c4acc6977a8686ad980e5b820327c9c47dbeaca * CVE-2016-2366 / TALOS-CAN-0134 https://bitbucket.org/pidgin/main/commits/abdc3025f6b8 - is correct * CVE-2016-2367 / TALOS-2016-0135 https://bitbucket.org/pidgin/main/commits/5e3601f8bde4 https://bitbucket.org/pidgin/main/commits/1c5197a66760 https://bitbucket.org/pidgin/main/commits/648f667a679c - same patches given as for CVE-2016-2370 / TALOS-CAN-0138 - same patches given as for CVE-2016-2372 / TALOS-2016-0140 - assuming these are correct, however neither the CVE or TALOS id in the commit message. * CVE-2016-2368 / TALOS-CAN-0136 https://bitbucket.org/pidgin/main/commits/f6efc254e947 https://bitbucket.org/pidgin/main/commits/60f95045db42 - wrong order, but still correct * CVE-2016-2369 / TALOS-CAN-0137 No patch given. - Correct patch appears to be 7b52ca213832882c9f69b836560ba44c6e929a34 (see below) * CVE-2016-2370 / TALOS-CAN-0138 https://bitbucket.org/pidgin/main/commits/5e3601f8bde4 https://bitbucket.org/pidgin/main/commits/1c5197a66760 https://bitbucket.org/pidgin/main/commits/648f667a679c - same patches given as for CVE-2016-2367 / TALOS-2016-0135 - same patches given as for CVE-2016-2372 / TALOS-2016-0140 - Correct patch appears to be fe0e01b2840740d9a07acf9a9788ec22e9dd120f * CVE-2016-2371 / TALOS-CAN-0139 https://bitbucket.org/pidgin/main/commits/7b52ca213832 - This commit mentions TALOS-CAN-0137 - Correct patch appears to be f0287378203fbf496a9890bf273d96adefb93b74 * CVE-2016-2372 / TALOS-2016-0140 https://bitbucket.org/pidgin/main/commits/5e3601f8bde4 https://bitbucket.org/pidgin/main/commits/1c5197a66760 https://bitbucket.org/pidgin/main/commits/648f667a679c - same patches given as for CVE-2016-2367 / TALOS-2016-0135 - same patches given as for CVE-2016-2370 / TALOS-CAN-0138 - my search suggested the correct patch is the 2nd one, or 1c5197a66760396a28de87d566e0eb0d986175ea - I put this patch as part of CVE-2016-2367 / TALOS-2016-0135 which might be wrong. * CVE-2016-2373 / TALOS-CAN-0141 https://bitbucket.org/pidgin/main/commits/e6159ad42c4c - correct * CVE-2016-2374 / TALOS-CAN-0142 https://bitbucket.org/pidgin/main/commits/f6c08d962618 - correct * CVE-2016-2375 / TALOS-CAN-0143 https://bitbucket.org/pidgin/main/commits/b786e9814536 - correct * CVE-2016-2376 / TALOS-CAN-0118 https://bitbucket.org/pidgin/main/commits/19f89eda8587 - correct * CVE-2016-2377 / TALOS-CAN-0119 https://bitbucket.org/pidgin/main/commits/0f94ef13ab37 - correct * CVE-2016-2378 / TALOS-CAN-0120 https://bitbucket.org/pidgin/main/commits/06278419c703 - correct * CVE-2016-2380 / TALOS-CAN-0123 https://bitbucket.org/pidgin/main/commits/8172584fd640 - correct * CVE-2016-4323 / TALOS-CAN-0128 Patch not given - Believe correct patch is 5fa3f2bc69d7918d1e537e780839df63d5df59aa - was patch listed for CVE-2016-2365 / TALOS-CAN-0133 -- Brian May <b...@debian.org>