These are the only changes in 0.7.6 which matter for Debian (except for one pkcon fix you left out) - all other patches aren't compiled in. I can prepare a 0.7.5-2+deb7u1 version, if these changes aren't accepted, but I would prefer the other solution, if this is still possible. If not, I'll upload the fix release in ~2.5weeks (I won't have that much time before (away on a conference, and much university stuff to do)), because some of the fixes (the one you listed) are absolutely required. Cheers, Matthias
2012/9/25 Moritz Muehlenhoff <j...@inutil.org>: > On Mon, Sep 03, 2012 at 03:46:10PM +0200, Matthias Klumpp wrote: >> Okay, breaking down the changes: > > Since the review resources of the release managers are scarce and since we > should > get the security fixes into Wheezy, what about preparing a 0.7.5-2+deb7u1 > upload > to testing-proposed-updates with the following changes only: > >> Check for CancelBackgroundTransactions setting again: >> Respect the CancelBackgroundSetting setting again >> See >> http://gitorious.org/packagekit/packagekit/commit/1423e638600e7fd045b1ced0d584d59519610748 >> >> Do not allow the client to overwrite files when downloading packages: >> Pretty obvious what this does :-) Both a bugfix and a security enhancement. >> See >> http://gitorious.org/packagekit/packagekit/commit/a4a0210809b7bfda0df6874fe39b86b66590ef26 >> >> Fix several return values in pkcon when there is an error: >> Previously return codes weren't correct/weren't set on failure. >> See >> http://gitorious.org/packagekit/packagekit/commit/338842edf1a9d65b8708d514ab0f64fb684cf724 >> >> Ignore "accept-eula" in pk-transaction-run: >> Bugfix avoiding potential crash described in >> https://bugs.freedesktop.org/show_bug.cgi?id=53532 >> See >> http://gitorious.org/packagekit/packagekit/commit/771d28c110007d954c9ae65c5287fe1ee186589a >> >> Fix segfault in pkcon when user does ctrl-d at the package prompt: >> Kills this bug: https://bugzilla.redhat.com/show_bug.cgi?id=840342 >> See >> http://gitorious.org/packagekit/packagekit/commit/1594117d750e766309d3ff487bad3e39936a132c >> >> aptcc: Don't use tempfile with fixed name for conffiles: >> Resolves security issue in Debian, tracked as RC bug #678189 >> See >> http://gitorious.org/packagekit/packagekit/commit/e6e33f54dcc9b0058134e0d2584c2ee110ca0340 >> >> Fix a crash where NetworkManager is restarted whilst packagekitd is running: >> Important fix for packagekitd, I already got this reported by Debian >> users too. (Although it happens in a rare case) >> See >> http://gitorious.org/packagekit/packagekit/commit/1746179e446fa652027c673cff0f0f5e5daccd99 > > Cheers, > Moritz -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org