2011/2/26 Thijs Kinkhorst <[email protected]>: > Hi Angel, > > On Thursday 24 February 2011 12:27:21 Angel Abad wrote: >> 2011/2/24 Adam D. Barratt <[email protected]>: >> > Hi, >> > >> > On Thu, February 24, 2011 10:16, Angel Abad wrote: >> >> I've prepared an upload to stable for package dajaxice, since >> >> python-django was patched for problems related with crsf cookies, >> >> dajaxice is unusable in squeeze. >> > >> > Was this issue introduced as a side-effect of the changes in DSA-2163-1, >> > specifically those marked as backwardly-incompatible? If so then it >> > would be good if this could also be fixed via the security archive, as >> > the regression was introduced in a security update (albeit in a >> > different package); I've CCed the security team for comment. >> >> Yes, you are right is a side-effect of DSA-2163-1 - CVE-2011-0696 > > Please upload the package to security-master then. Note that you need to > change the target in the changelog and build the package with full source (-sa > flag). Full checklist of packages for security-master is here: > http://www.debian.org/doc/developers-reference/pkgs.html#bug-security-building > > The security team will then take care of releasing it through security-master.
Uploaded, Thanks for your help in my first security upload. Regards! > Cheers, > Thijs > -- Angel Abad [email protected] | [email protected] | [email protected] http://www.pastelero.net FPR: EBF6 080D 59D4 008A DF47 00D4 098D AE47 EE3B C279 -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/AANLkTim5EhGs+-OFjGds2BML79+goKy[email protected]
