Hi all,
Just in case somebody starts working on it, I'd like to review proposed
uploads of cacti to LTS. CVE-2016-2313 was initially wrongly fixed (a
sledgehammer for a simple nail). CVE-2016-3659 still needs reproducing
in Debian and a check if the fix by a contributer in the upstream bug
report
Hi Paul,
> Just in case somebody starts working on it, I'd like to review proposed
> uploads of cacti to LTS. CVE-2016-2313 was initially wrongly fixed (a
> sledgehammer for a simple nail). CVE-2016-3659 still needs reproducing
> in Debian and a check if the fix by a contributer in the upstream bu
Hi Emilio
On 25-06-16 22:03, Emilio Pozuelo Monfort wrote:
>> Just in case somebody starts working on it, I'd like to review proposed
>> uploads of cacti to LTS. CVE-2016-2313 was initially wrongly fixed (a
>> sledgehammer for a simple nail). CVE-2016-3659 still needs reproducing
>> in Debian and
On 26/06/16 09:23, Paul Gevers wrote:
> Hi Emilio
>
> On 25-06-16 22:03, Emilio Pozuelo Monfort wrote:
>>> Just in case somebody starts working on it, I'd like to review proposed
>>> uploads of cacti to LTS. CVE-2016-2313 was initially wrongly fixed (a
>>> sledgehammer for a simple nail). CVE-2016
Hi Emilio
[By the way, I read debian-lts, so no need to mail me directly, dropped
your To: as well].
On 26-06-16 10:40, Emilio Pozuelo Monfort wrote:
>> I believe CVE-2016-2313 should be included in this fix.
>
> Certainly! I have backported the fix and included in this new debdiff.
Looks good