Re: gtk+2.0 2.6.4-3.1 (DSA 911-1)-- patch for CVE-2005-2976 not included?
James Strandboge wrote: In reviewing the changelog and source for gtk+2.0, CVE-2005-3186 and CVE-2005-2975 are explicitly mentioned (and have patches in debian/patches). However, CVE-2005-2976 is not mentioned in the changelog and does not have a separate patch in debian/patches, though it is mentioned in the DSA. Is this an oversight in the changelog or was the patch not included? Gtk+2.0 from Sarge is not affected by CVE-2005-2976, see #339431 for more information. It's mentioned because it applies to Woody. Cheers, Moritz -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
gtk+2.0 2.6.4-3.1 (DSA 911-1)-- patch for CVE-2005-2976 not included?
In reviewing the changelog and source for gtk+2.0, CVE-2005-3186 and CVE-2005-2975 are explicitly mentioned (and have patches in debian/patches). However, CVE-2005-2976 is not mentioned in the changelog and does not have a separate patch in debian/patches, though it is mentioned in the DSA. Is this an oversight in the changelog or was the patch not included? Thanks -- James Strandboge [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]