Salvatore Bonaccorso <> writes:

> Hi Felix,

hello Salvatore,

> Sorry for the delay in getting back to you.
> On Fri, Apr 06, 2018 at 09:40:40PM +0200, Felix Natter wrote:
>> hello Security Team,
>> here are the CVE-2018-1000069 security updates for jessie and stretch:
>> [jessie]
>> (jessie-CVE-2018-1000069 branch)
>> [stretch]
>> (stretch-CVE-2018-1000069 branch)
>> Both are tested:
>> - builds
>> - activation log message is seen
>> - Save and Load XML works
>> In what format would you like the "tested packages"? *.deb?
>> Here is the corrsponding upstream commit:
>> The debdiffs are attached.
> Debdiffs looks good to me. I just have a question, for the
> jessie-debdiff: In the was the removal of
> the import of org.freeplane.n3.nanoxml.XMLParserFactory not done on
> purpose?

Yes and no. On jessie the patch did not cleanly apply, so I would have
had to apply that change manually. Since removing the import has no
effect on the semantics of the program (as long as it still compiles), I
was too lazy. It should be ok.

> Other than that, when above question commented on, feel free to upload
> to security-master (AFICS you will need a sponsor, but guess Markus
> will cime in here as well). Remember that both needs to be build with
> -sa.

May I ask why the full source must be included?

@Markus: Would you be so kind to take care of uploading?

Cheers and Best Regards,
Felix Natter

Reply via email to