Hi Didier Some comments on the debdiff.
The release name for wheezy is wheezy-security, not stable-security (nor oldstable-security). Apart from that I think the change looks fine to me. Will you send out the DLA regarding this or do you want me to do that? Please have a look here to see the work-flow: https://wiki.debian.org/LTS/Development If you want me to send the DLA, please let me know. If you decide to send out the DLA yourself, please make sure the package is accepted in the archives before you send out the DLA. It may not be accepted due to missing .orig file for example. I think you need to included the .orig file as this update is new to wheezy-security repo. Best regards // Ola On 27 December 2016 at 14:21, Didier 'OdyX' Raboud <[email protected]> wrote: > Dear LTS Team, > > I'd like to get CVE-2015-0839 fixed in wheezy, it's a no-DSA issue, and > security team members suggested to get it fixed in stable and oldstable. > > This bug is a simple 'fetching gpg key from keyservers with a short > keyid' problem, and upstream's fix is to use the full fingerprint. > > The debdiff is attached, can I upload as -is ? > > Cheers, > OdyX -- --- Inguza Technology AB --- MSc in Information Technology ---- / [email protected] Folkebogatan 26 \ | [email protected] 654 68 KARLSTAD | | http://inguza.com/ Mobile: +46 (0)70-332 1551 | \ gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9 / ---------------------------------------------------------------
