Hi, On Sun, 2011-07-10 at 19:57 +0200, Romain Francoise wrote: > I'd like to upload the following update for libpcap in squeeze, it > addresses two bugs:
Thanks for working on this, and sorry for the slight delay in getting back to you. > - #612803: device detection is broken if the bonding module is loaded > because it creates an extra file in /sys/class/net, the upstream fix is > used verbatim. I debated this one given the low severity of the bug and that it only appears to cause issues under a small set of circumstances. However, the patch is small and obvious enough and I'd be happy to accept it in an upload fixing the security issue. > - #623868 (aka CVE-2011-1935): a security issue that was not serious > enough to warrant a DSA. The patch is the result of several upstream > commits that were backported to libpcap 1.1.1. So far as I can see from the diff and reading the log for #623868, this also includes changes related to #625443; is that correct? The bug log there mentions that the problem only occurs with libpcap 1.1.1-4, whereas squeeze has 1.1.1-2 - is the log incorrect, or does #625443 not actually affect stable? Regards, Adam -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
