On Thu, May 03, 2018 at 07:29:42PM +0200, Maximiliano Curia wrote: > Hi, > > Following up the upstream announcement of a security flaw in > kwallet-pam [1] I would like to upload the upstream fixes to > stretch. All the versions prior the (not yet released) 5.12.6 are > affected by this. The fix was backported by upstream to plasma 5.8, > which is what we shipped in stretch. > > The latest 5.8 upstream version (5.8.9), only has a version bump, > and a minor translation update, which are not relevant. [2] > > I have already uploaded the fixes to unstable. > > I'm attaching the corresponding debdiff.
Looks good. Please build with -sa since kwallet-pam is new in stretch-security and upload to security-master. I'll take care of the DSA. Cheers, Moritz