[pkg-horde] Bug#813590: WIP (was: Fwd: Proposed changes to jessie)
Mathieu Parent
math.parent at gmail.com
Wed Feb 24 21:40:21 UTC 2016
Hello,
I've proposed the changes to -security, without response yet.
See below.
---------- Forwarded message ----------
From: Mathieu Parent <math.parent at gmail.com>
Date: 2016-02-24 22:24 GMT+01:00
Subject: Re: Proposed changes to jessie
To: team at security.debian.org
2016-02-04 15:04 GMT+01:00 Mathieu Parent <math.parent at gmail.com>:
> Hello,
Pinging again.
> I have prepared security fixes for two Horde packages:
> - php-horde: https://bugs.debian.org/813573#26 XSS vulnerability in menu bar
Debdiff at: http://anonscm.debian.org/cgit/pkg-horde/PEAR/php-horde.git/diff/?id2=47c6d6e6ad0836d657eee75e36ef8dbd19c843d2&id=112b45b0403df87828e6cd620eb0e3d4fc3c7fa9
> - php-horde-core: https://bugs.debian.org/813590#23 XSS in
> Horde_Core_VarRenderer_Html
Debdiff at: http://anonscm.debian.org/cgit/pkg-horde/PEAR/php-horde-core.git/diff/?id2=d79e0d5424ba76351cde56701e061f91d241ec09&id=a98c8cb02edaaa0378771a7f21855aaafc883785
>
> Can I upload the two packages (this is already fixed in sid)?
Waiting for your answer.
> I have also prepared a ctdb regression update, which fix CTDB behavior
> under Linux after the fix for CVE-2015-8543:
> - https://bugs.debian.org/813406#25 ctdb, raw sockets and CVE-2015-8543
See http://anonscm.debian.org/cgit/pkg-samba/ctdb.git/commit/?h=debian-jessie&id=ec4e506686578cdf13b36ce18ec98cc5307b4e64
> Can I upload it?
Same.
> Can I make the same to wheezy once jessie is uploaded?
Same.
I think keeping those issues in place is not good.
Regards
--
Mathieu Parent
More information about the pkg-horde-hackers
mailing list