[Freewx-maint] Bug#560917: Processed: Re: Bug#560917: CVE-2009-3560 and CVE-2009-3720 denial-of-services

Ron ron at debian.org
Sun Dec 13 10:46:37 UTC 2009

severity 560917 normal


wx2.8 uses expat in slightly more/different ways to 2.6, but should
otherwise be unaffected by this for the same reasons as 2.6, described
in my reply to #560916.

I'm going to leave this one open as a reminder that both should have
--with-expat=sys and an explicit build-dep added (rather than relying
on other deps to bring this in) for the next upload, to ensure that
we _always_ use the system lib, rather than opportunistically doing
it for this one as we currently are.

Feel free to remove any tags identifying this one as needing attention
from the security teams though.  It is currently using the system expat.


On Sun, Dec 13, 2009 at 09:57:03AM +0000, Debian Bug Tracking System wrote:
> Processing commands for control at bugs.debian.org:
> > reassign 560917 wxwidgets2.8
> Bug #560917 [wxwidget2.8] CVE-2009-3560 and CVE-2009-3720 denial-of-services
> Warning: Unknown package 'wxwidget2.8'
> Bug reassigned from package 'wxwidget2.8' to 'wxwidgets2.8'.
> > --
> Stopping processing here.
> Please contact me if you need assistance.
> Debian bug tracking system administrator
> (administrator, Debian Bugs database)
> _______________________________________________
> Freewx-maint mailing list
> Freewx-maint at lists.alioth.debian.org
> http://lists.alioth.debian.org/mailman/listinfo/freewx-maint

More information about the Freewx-maint mailing list