Nelson A. de Oliveira wrote: > Hi! > > A security vulnerability has been found in optipng (Debian bug #505399, > SA (Secunia Advisory) http://secunia.com/Advisories/32651/). It has > been fixed in version 0.6.2 (that is already at experimental). > > Code change from 0.6.1 to 0.6.2 is a little big: > > lib/pngxtern/pngx.h | 22 > lib/pngxtern/pngxio.c | 5 > lib/pngxtern/pngxmem.c | 41 > lib/pngxtern/pngxrbmp.c | 67 - > src/opngoptim.c | 1777 +++++++++++++++++++++++++++++++++ > src/optipng.c | 2560 > +++++++++--------------------------------------- > src/optipng.h | 86 + > 7 files changed, 2473 insertions(+), 2085 deletions(-) > > You can see the diff at > http://people.debian.org/~naoliv/misc/optipng-0.6.1_0.6.2.diff.txt > > Probably it's a "no" to upload it to unstable (and let it migrate to > testing), right?
Right. > So do I have a pre-approval to upload it to unstable, including only a > patch to fix SA32651, please? Yes. Cheers Luk -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
