Hi Timo, On Thu, Apr 13, 2017 at 11:59:38PM +0300, Timo Aaltonen wrote: > On Thu, 13 Apr 2017, Salvatore Bonaccorso wrote: > > > Control: tags -1 + patch > > > > Hi > > > > The fix apparently applied in CentOS 1.3.5.10-20.el7_3 is > > > > https://git.centos.org/raw/rpms!389-ds-base!/c9e5dad69e2b497f118efac56f43cc6c74b6a695/SOURCES!0072-fix-for-cve-2017-2668-simple-return-text-if-suffix-n.patch > > Hi, would it be fine to push 1.3.5.16 which, I believe, includes fix for > this among other bugfixes? Can't check or push it before I'm back home on > Sunday though.
I cannot really tell ;-). But best option then is to ask for the pre-approval of the release team for a 1.3.5.16 based upload rather than cherry-picked patch, explaining why the other included fixes are important as well for stretch. Does this help? Regards, Salvatore
