Hello folks, just FYI:
CVE-2007-1253 as e.g. summarised on <http://idssi.enyo.de/tracker/CVE-2007-1253> only affects testing/unstable. A fix is in preparation and will be uploaded as 2.42a-6 to unstable from where it can easily propagate to testing. Upstream has decided to deal with this issue by simply dropping the script in question in 2.43, and the blender package maintainers will follow suit (2.43 will be also be uploaded to experimental soon, fwiw). Stable/oldstable are not affected as this script was first introduced in upstream 2.42, see e.g. upstream's cvs for background: <http://projects.blender.org/viewcvs/viewcvs.cgi/blender/release/scripts/Attic/kmz_ImportWithMesh.py?r1=1.13&cvsroot=bf-blender> HTH, Flo
signature.asc
Description: Digital signature
_______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/secure-testing-team
