Hello, Can libguac 0.6.0-2 be allowed into wheezy? It contains a fix for a security vulnerability (http://security-tracker.debian.org/tracker/CVE-2012-4415), but is being blocked because of the freeze.
Thanks, - Mike ---------- Forwarded message ---------- From: Nico Golde <[email protected]> Date: Wed, Sep 12, 2012 at 2:15 AM Subject: Re: guacd: buffer overflow: local users can execute arbitrary code as root To: Michael Jumper <[email protected]> Cc: Timo Juhani Lindfors <[email protected]>, Yaroslav Halchenko <[email protected]>, Michael Jumper <[email protected]>, [email protected], Paul Tagliamonte <[email protected]> Hi, * Michael Jumper <[email protected]> [2012-09-11 20:46]: > On Tue, Sep 11, 2012 at 10:59 AM, Nico Golde <[email protected]> wrote: > > > > CVE-2012-4415 got assigned to this issue. Please include this identifier in > > the changelog for the fixed package. > > > > Updated (changed "testing-security" to "unstable", added reference to > CVE number). New source packages now at: > http://guac-dev.org/pub/debian/0.6.0-2 > > I would like to announce the upstream 0.6.3 release at the > approximately same time this fix hits Debian, such that neither > upstream nor those using the Debian repositories are left without an > available patched version. Thanks, I just uploaded your package. Cheers Nico -- Nico Golde - http://www.ngolde.de - [email protected] - GPG: 0xA0A0AAAA
pgpyUY6NzAoF5.pgp
Description: PGP signature
