Re: unblock and pu request for libxslt
On Thu, Jul 5, 2012 at 6:21 PM, Adam D. Barratt wrote: > On 05.07.2012 11:00, Aron Xu wrote: >> >> Can you please unblock libxslt/1.1.26-13 which fixes CVE-2012-2825 >> (Bug #679283)? Patch applied: >> >> >> http://anonscm.debian.org/gitweb/?p=debian-xml-sgml/libxslt.git;a=blob;f=debian/patches/0005-cve-2012-2825.patch;h=2e7db481530519ed82a69ab41e4297767f83e6f5;hb=ecbb4ca70e90c1c4789049e7a41c6c1d2c51871e > > > This is fun: > > --- libxslt-1.1.26/debian/changelog 2012-06-15 11:04:15.0 + > +++ libxslt-1.1.26/debian/changelog 2012-07-05 03:10:22.0 + > @@ -1,9 +1,8 @@ > -libxslt (1.1.26-12+rebuild1) unstable; urgency=low > +libxslt (1.1.26-13) unstable; urgency=low > > - * Rebuild against new libxml2 to make xslt-config identical across > -architectures. > + * Patch to fix CVE-2012-2825 (Closes: #679283). > > - -- Aron Xu Fri, 15 Jun 2012 18:55:36 +0800 > + -- Aron Xu Thu, 05 Jul 2012 11:09:19 +0800 > > Unblocked anyway. > Thanks for unblocking, but no fun at all. changelog for sourceful rebuild is useless for history tracking anyway. > >> I've also prepared an update for squeeze and please advise if I can >> upload to pu. This fixes three CVEs: > > > Please don't mix different types of request in the same mail. For a stable > update, please open an appropriately usertagged pu bug, including a full > source debdiff rather than VCS pointers. > > Regards, > > Adam OK, will do, thanks! -- Regards, Aron Xu -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/CAMr=8w4nBB38kqaQ_MjjXLA=64jwdamx_argcesgkfvcegk...@mail.gmail.com
Re: unblock and pu request for libxslt
On 05.07.2012 11:00, Aron Xu wrote: Can you please unblock libxslt/1.1.26-13 which fixes CVE-2012-2825 (Bug #679283)? Patch applied: http://anonscm.debian.org/gitweb/?p=debian-xml-sgml/libxslt.git;a=blob;f=debian/patches/0005-cve-2012-2825.patch;h=2e7db481530519ed82a69ab41e4297767f83e6f5;hb=ecbb4ca70e90c1c4789049e7a41c6c1d2c51871e This is fun: --- libxslt-1.1.26/debian/changelog 2012-06-15 11:04:15.0 + +++ libxslt-1.1.26/debian/changelog 2012-07-05 03:10:22.0 + @@ -1,9 +1,8 @@ -libxslt (1.1.26-12+rebuild1) unstable; urgency=low +libxslt (1.1.26-13) unstable; urgency=low - * Rebuild against new libxml2 to make xslt-config identical across -architectures. + * Patch to fix CVE-2012-2825 (Closes: #679283). - -- Aron Xu Fri, 15 Jun 2012 18:55:36 +0800 + -- Aron Xu Thu, 05 Jul 2012 11:09:19 +0800 Unblocked anyway. I've also prepared an update for squeeze and please advise if I can upload to pu. This fixes three CVEs: Please don't mix different types of request in the same mail. For a stable update, please open an appropriately usertagged pu bug, including a full source debdiff rather than VCS pointers. Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/754a167b33cc47ab95e7a314b0dc3...@mail.adsl.funky-badger.org
unblock and pu request for libxslt
Hi, Can you please unblock libxslt/1.1.26-13 which fixes CVE-2012-2825 (Bug #679283)? Patch applied: http://anonscm.debian.org/gitweb/?p=debian-xml-sgml/libxslt.git;a=blob;f=debian/patches/0005-cve-2012-2825.patch;h=2e7db481530519ed82a69ab41e4297767f83e6f5;hb=ecbb4ca70e90c1c4789049e7a41c6c1d2c51871e I've also prepared an update for squeeze and please advise if I can upload to pu. This fixes three CVEs: CVE-2011-1202, #617413: http://anonscm.debian.org/gitweb/?p=debian-xml-sgml/libxslt.git;a=commitdiff;h=dbb14e5be43bf20c8b7a2e37bda1d8f7867dc56b;hp=1a30e3c16a7b08489fec5dde9808dfbd15f9cd4b CVE-2011-3970, #660650: http://anonscm.debian.org/gitweb/?p=debian-xml-sgml/libxslt.git;a=commitdiff;h=18dd5c48fc1829ec75823b5ac975574b785c1233;hp=dbb14e5be43bf20c8b7a2e37bda1d8f7867dc56b CVE-2012-2825, #679283: http://anonscm.debian.org/gitweb/?p=debian-xml-sgml/libxslt.git;a=commitdiff;h=9ebc17a3bad5fc6807080e11bcca3f58c8c392fe;hp=18dd5c48fc1829ec75823b5ac975574b785c1233 -- Regards, Aron Xu -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/CAMr=8w79nN3rKC-sr7DYFEUV3GBucbO5N0GzvUeE=lm_cgf...@mail.gmail.com