Bug#1006308: closed by Debian FTP Masters (reply to Mark Hindley ) (Bug#1006308: fixed in seatd 0.6.4-1)
Hi Mark, Sorry was away for the whole day: On Wed, Feb 23, 2022 at 09:22:11AM +, Mark Hindley wrote: > Salvatore, > > On Wed, Feb 23, 2022 at 10:14:59AM +0100, Salvatore Bonaccorso wrote: > > Thanks for the quick fix! > > > > Note there is a typo in the CVE, should have been CVE-2022-25643. > > Evidently too quick! > > Thanks for pointing it out. > > Would you prefer a new upload to fix it now or wait for the next routine one? I will be absolutely enough to fix it retrospectively in any future upload to make the debian/changelog consistent. But it does not need an extraordinary upload just for that. I have already updated the security-tracker metadata to reflect the fix. Thank you! Regards, Salvatore
Bug#1006308: closed by Debian FTP Masters (reply to Mark Hindley ) (Bug#1006308: fixed in seatd 0.6.4-1)
Salvatore, On Wed, Feb 23, 2022 at 10:14:59AM +0100, Salvatore Bonaccorso wrote: > Thanks for the quick fix! > > Note there is a typo in the CVE, should have been CVE-2022-25643. Evidently too quick! Thanks for pointing it out. Would you prefer a new upload to fix it now or wait for the next routine one? Mark
Bug#1006308: closed by Debian FTP Masters (reply to Mark Hindley ) (Bug#1006308: fixed in seatd 0.6.4-1)
Hi Mark, On Wed, Feb 23, 2022 at 09:09:05AM +, Debian Bug Tracking System wrote: > Format: 1.8 > Date: Wed, 23 Feb 2022 08:09:56 + > Source: seatd > Architecture: source > Version: 0.6.4-1 > Distribution: unstable > Urgency: high > Maintainer: Mark Hindley > Changed-By: Mark Hindley > Closes: 1006308 > Changes: > seatd (0.6.4-1) unstable; urgency=high > . >* New upstream version 0.6.4. > - includes fix for CVE-2022-2564: file removal with escalated privileges >via seatd-launch socket pathname (Closes: #1006308). Thanks for the quick fix! Note there is a typo in the CVE, should have been CVE-2022-25643. Regards, Salvatore