Hi Pau, On Sat, April 27, 2013 01:31, Pau Garcia i Quiles wrote: > Wheezy contains my package jquery-jplayer 2.1.0-1, which is affected by a > few security issues which have been recently fixed upstream. One of the > issues is CVE-2013-1942. Two other issues, although important, did not get > a CVE number. > > I have backported the patches and created jquery-jplayer 2.1.0-2. Debdiff > is attached. > > Is it OK to upload this to the archive?
Although I'm not in the release team, I'm sure the following changes are unacceptable at this point: * Convert to source format 3.0 (quilt) to apply the patches that carry the fixes * Update standards to 3.9.4.0 (no changes needed) Can you prepare an upload without these (where you just apply the patches in the old-style 1.0 way)? Thanks, Thijs -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/cb5e856619f39ae20344bfd365a1944a.squir...@aphrodite.kinkhorst.nl