[pkg-eucalyptus-maintainers] Bug#691900: Bug#691900: gwt: CVE-2012-4563
Moritz Muehlenhoff
jmm at inutil.org
Wed Nov 21 09:11:41 UTC 2012
On Sat, Nov 03, 2012 at 10:23:18PM +0900, Charles Plessy wrote:
> Le Fri, Nov 02, 2012 at 07:43:19AM +0100, Thomas Koch a écrit :
> > Charles Plessy:
> > >
> > > In particular I do not know if the best resolution for this bug is to
> > > upgrade to 2.5.0 or to patch, so I am reluctant to take action by myself,
> > > worrying that I might complicate your work on Gerrit.
> >
> > Hi Charles,
> >
> > thank you for pinging me. I've just spend three days on Debian work. Could you
> > deal with it by updating to 2.5.0 and also set the maintainer to the java
> > packaging team?
>
> Hi Thomas,
>
> I have updated the source package to 2.5.0 (checked copyrights, refreshed the
> patches), but unfortunately it does not build. I suppose that some ground work
> is needed on the Java side, but I am not able to do it.
>
> I committed all my changes to the Git repository.
Please note that the initial fix was incomplete, CVE-2012-5920 was assigned for
that: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5920
Cheers,
Moritz
More information about the pkg-eucalyptus-maintainers
mailing list