2010/1/21 Adam D. Barratt <[email protected]>: > Hi, > > Raphael Geissert wrote: >> >> I know the SPU freeze is coming, but I'm going to try to get the new >> version on time. >> >> I intend to release a DSA to fix a couple of security issues on >> Friday or Saturday. As such, I'd like to avoid having to prepare two >> different versions (a SPU and later a DSA) and would like to include >> the SPU changes on the DSA. >> >> Attached are the non-sec patches. > > At first glance none of the patches looks like it would be a particular > problem, but as you didn't include any information about them I > unfortunately don't know what they're supposed to be fixing. :-) > > Please could you provide a brief overview of the patches? The proposed > changelog entries would probably suffice. >
The bugs are: #523073: missing sybase function aliases, which completely breaks any application using those set of functions instead of mssql's. #565387: a minor heap buffer overflow on 64bits systems on the odbc extension. #556459: emails with ? and = characters being treated as invalid by the filter extension. #529278: an integer overflow in the curl_read callback function which makes some operations look like they failed when they did not. Cheers, -- Raphael Geissert - Debian Developer www.debian.org - get.debian.net -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
