To Steven, > Follow the link through to src:amsn and it's there (filed against the > source package, which is probably correct since your report was about > build dependencies).
Ah thanks I think it was luck I got that right though, will remember it for the future. On 30 May 2012 05:41, Steven Chamberlain <ste...@pyro.eu.org> wrote: > Hi, > > On 29/05/12 20:13, Kitty PC wrote: >> I just talked to one of the devs in regards with the Denial of Service >> bug s/he said it has been fixed in SVN for two years > > I think I see the relevant commit in SVN; it might have been fixed but > I don't think there was an actual release containing that fix until now. > > And it's not stated very clearly in the release announcement; it would > really make things easier for package maintainers, QA and security teams > (not just Debian but other distros too) if the release had a more > detailed changelog ideally mentioning the CVE ID of that DoS vulnerability. > > Anyway, thanks a lot for passing along the info you got from upstream. > > >> [...] It'd be nice to have the new >> release packaged up and the dependency issue fixed. The dev I spoke to >> also said s/he was working on repackaging amsn for debian but due to >> lack of time has not done so yet > > If nobody else gets around to it I could *maybe* try to package the new > upstream version myself; I could use some practice at this, and I would > certainly use it personally. > > >> On an unrelated note I can't seem to see this bug on the >> http://bugs.debian.org/cgi-bin/pkgreport.cgi?pkg=amsn page yet. > > Follow the link through to src:amsn and it's there (filed against the > source package, which is probably correct since your report was about > build dependencies). > > Regards, > -- > Steven Chamberlain > ste...@pyro.eu.org -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
