Jay Berkenbilt <[email protected]> wrote:

> Grant McLean <[email protected]> wrote:
>
>> On Sun, 2011-06-19 at 20:45 -0400, Jay Berkenbilt wrote:
>>> Do you know whether the problem occurred after the most recent security
>>> update?  There was a security fix to some of the code that affects G4.
>>
>> I'm almost certain the problem is related to the security release.
>>
>> We have automated regression testing which was working up until June
>> 10th.  On June 11th our logs show a dist-upgrade updated libtiff4 to
>> libtiff4_3.9.4-5+squeeze2_amd64.deb and the tests have been failing ever
>> since.
>
> Do you know whether the problem was present in squeeze1?  Did you go
> straight from 3.9.4-5 to 3.9.4-5+squeeze2, or did you run squeeze1 in
> the interim?  squeeze1 contained the change to Fax4Decode, so I'm
> guessing it must be there.  Anyway, I'll rebuild intermediate versions
> and test.  I'm sorry this is taking some time.  Real life sometimes
> takes precedence over debian work, of course, but I try to stay on top
> of more serious problems.  I don't think the security issues that were
> fixed are super-critical or have easily usable exploits, so downgrading
> is a workaround, as I'm sure you know.  I'm trying to squeeze this in a
> little at a time.

Looking at this a little closer, I see there's a fix to the problematic
file that was committed to upstream CVS that made it into 3.9.5 but not
into 3.9.4-5+squeeze2.  Both changes are to the same block of code.  I
probably got a fix too soon.  I'll see if that's the culprit, and if it
is, I'll upload a fix.  I have to coordinate with security.  That's all
for now...I'll send additional messages when I have something to report.

-- 
Jay Berkenbilt <[email protected]>



-- 
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]

Reply via email to