Salvatore Bonaccorso <car...@debian.org> writes: > Hi Felix,
hello Salvatore, > On Sun, Apr 01, 2018 at 06:04:27PM +0200, Markus Koschany wrote: >> >> >> Am 01.04.2018 um 17:57 schrieb Felix Natter: >> [...] >> > Thanks, done. >> > BTW: Is it ok to close the bug with the stretch-security upload even if >> > the jessie-security upload is still pending? >> >> Yes, that's ok. You can close the bug with both uploads. >> >> > What is there to do next? >> >> As soon as the security team has approved the changes, I can upload your >> packages to security-master. > > Thanks for working on it, the issue is severe enought that it warrants > a DSA. Could you send the security team alias > (t...@security.debian.org) debdiffs resulting from the build and > tested packages for a short review + ack? The stretch update is here (branch stretch-CVE-2018-1000069): https://anonscm.debian.org/cgit/pkg-java/freeplane.git/log/?h=stretch-CVE-2018-1000069&showmsg=1 This is tested: - activation log message is seen - Save and Load XML works In what format would you like the "tested packages"? *.deb? Here is the upstream commit: https://github.com/freeplane/freeplane/commit/a5dce7f9f The debdiff (for stretch-security) is attached. I am still working on the jessie update, this could take until Saturday (sorry for the delay). Best Regards, -- Felix Natter debian/rules!
stretch-CVE-2018-100006.debdiff
Description: Binary data