Hi Simon, So I hit a few issues with the debdiffs:
- the patch taken from upstream is in patch -p0 format so quilt push would fail; attempting to adjust the quilt series file to use -p0 (I think, may have conflated with the following issue) failed during the package build. - the unbound package has a debian-changes.patch in its series, which is a catch-all patch that accumulates changes; with the added patch in the series file after that, pushing the patch then building the source resulted in duplicated changes trying to be applied. - for xenial, the upstream patch fails to apply and needs backporting. I addressed the first two issues for bionic and artful, and have uploaded to the ubuntu-security-proposed ppa for testing. The patch for xenial needs backporting, and please ensure that proposed fixes build successfully, either locally or in a ppa. Thanks! -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1773720 Title: CVE-2017-15105 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/unbound/+bug/1773720/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs