Hi, On Wed, 2011-04-06 at 22:26 +0100, Adam D. Barratt wrote: > On Sun, 2011-04-03 at 07:44 -0700, Daniel Burrows wrote: > > The version of aptitude in stable contains a security bug that could > > theoretically allow a symlink attack in /tmp. [...] > Thanks. That does seem a rather narrow attack vector. :-) > Nevertheless, assuming the patch has been tested in a squeeze > environment and there aren't any other changes involved, please feel > free to upload 0.6.3-3.2+squeeze1 to stable adding that patch. > > If the same patch also applies to oldstable and has been tested there, > then uploading an updated package for lenny would also be okay.
Any news on either of the uploads? Regards, Adam -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
