On Mon, Aug 02, 2010 at 04:11:28PM -0400, Adam D. Barratt wrote: > Hi, > > On Thu, July 29, 2010 10:02, Guido Günther wrote: > > I'd like to upload a new version of libvirt to stable fixing two issues: > > > > * CVE-2010-2242: Apply a source port mapping to virtual network > > masquerading > > * Fix path to hvmloader. (Closes: #573808) > > > > The first fixes a minor security issue, the update is the backport of an > > upstream fix: > > So far as I can see, the fix for this hasn't been applied to the unstable > packages yet? It's fixed in unstable with 0.8.2-1. I've added #591938 for that case. The version in stable is only affected by CVE-2010-2242.
> Where fixes are applicable to both the unstable and stable packages, the > preferred procedure is that the fix is applied to unstable first and then > to stable if no issues are found in unstable. The code changed quiet a bit but the fix is the same. Cheers, -- Guido -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
