[Secure-testing-team] Re: status of getting security fixes into sarge
Steve Langasek
vorlon at debian.org
Sat Dec 11 17:16:12 UTC 2004
On Thu, Dec 09, 2004 at 04:20:12PM -0500, Joey Hess wrote:
> Some NMUing has been done lately on some of the older security holes in
> sarge. Here are the ones the testing security team is currently tracking
> that are fixed in unstable but don't yet have a fix in sarge, plus a few
> others of interest:
> opendchub 0.7.14-1.1 needed, have 0.7.14-1 for CAN-2004-1127
> Will go in in a few days.
Blocked by a build failure on m68k (calls automake, due to timestamp skew
and lack of AM_MAINTAINER_MODE). Bug filed.
> prozilla (unfixed; bug #284117) for CAN-2004-1120
> Well it's not fixed, and no patch is known. Candidate for
> removal.
Tagged for removal.
> mtink 1.0.5 needed, have 1.0.1-2 for CAN-2004-1110
> Goes in today.
Looks good.
> ppp 2.4.2+20040428-3 needed, have 2.4.2+20040428-2 for CAN-2004-1002
> Frozen, same as in last report, see maintainer's comments IIRC.
Hrm, the last status I had on this was that I was *waiting* for maintainer
comments... :) Seeing none, I've gone ahead and pushed this in despite
278082.
> cscope 15.5-1.1 needed, have 15.5-1 for CAN-2004-0996
> Should go in RSN.
Yep, it's in.
Thanks,
--
Steve Langasek
postmodern programmer
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20041211/cf6f70b1/attachment.pgp
More information about the Secure-testing-team
mailing list