On Sun, Feb 17, 2013 at 12:16:32AM +0100, Jeremy Lainé wrote: > Dear release team, > > Yesterday the following security vulnerability in the "pyrad" package was > brought to my attention by Salvatore Bonaccorso: > > https://security-tracker.debian.org/tracker/CVE-2013-0294 > > It is tracked in the following bug: > > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700669 > > I have uploaded version 1.2-1+deb7u1 targeted at testing-proposed-updates > (debdiff attached), as unstable carries a different upstream version. Could > you please let this version into wheezy?
It's traditional to seek approval *before* uploading; more so in this case since adding a patch system is a no-no. The change itself is fine, please upload with this only. You will have to bump the version number IIRC. -- Jonathan Wiltshire j...@debian.org Debian Developer http://people.debian.org/~jmw 4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51 <directhex> i have six years of solaris sysadmin experience, from 8->10. i am well qualified to say it is made from bonghits layered on top of bonghits
signature.asc
Description: Digital signature
