❦ 27 avril 2013 09:01 CEST, "Thijs Kinkhorst" <th...@debian.org> :
>> Wheezy contains my package jquery-jplayer 2.1.0-1, which is affected by a
>> few security issues which have been recently fixed upstream. One of the
>> issues is CVE-2013-1942. Two other issues, although important, did not get
>> a CVE number.
>>
>> I have backported the patches and created jquery-jplayer 2.1.0-2. Debdiff
>> is attached.
>>
>> Is it OK to upload this to the archive?
>
> Although I'm not in the release team, I'm sure the following changes are
> unacceptable at this point:
>
> * Convert to source format 3.0 (quilt) to apply the patches that carry the
> fixes
> * Update standards to 3.9.4.0 (no changes needed)
>
> Can you prepare an upload without these (where you just apply the patches
> in the old-style 1.0 way)?
Not in the release team either but I disagree that switching to 3.0
(quilt) is an unacceptable change. This is far more simple than adding a
patch system in debian/rules and better practice than putting those
changes in diff.gz.
--
printk(KERN_WARNING "Multi-volume CD somehow got mounted.\n");
2.2.16 /usr/src/linux/fs/isofs/inode.c
pgpubzQm8c5Bf.pgp
Description: PGP signature
