On Wed, 2012-12-12 at 19:21 +0100, Moritz Muehlenhoff wrote: > I made a systematic trackdown of open security issues in Wheezy and would like > to summarise some issues in this mail. Some security blocks might be lost in > the backlog, it would be nice if someone go through this list:
Thanks for the list. Cherry-picking a little: > icecast2 / CVE-2011-4612 > I prepared a tpu backport a month ago. Can I go ahead and upload? > (691186) Replied. > weechat / CVE-2012-5534 / CVE-2012-5854 > There's a tpu request in #693702 Replied. > cityhash / CVE-2012-6051 > Given the circumstances (694999) I think removal from Wheezy is the way to go > forward. Removal hint added. > gimp / CVE-2012-5576 > Blocked by missing s390x build. I've contacted the buildd maints, but got > no reponse. Can anyone of you trigger a giveback? dpkg-shlibdeps: error: dpkg-query --control-path libc6:s390x shlibs died from signal 6 That doesn't look too healthy. :-/ Given back; let's see what happens. > qt4-x11 / CVE-2012-4929 > The transition of the fix is blocked by the ia64 build failure. No idea where > that is coming from? It often happens, we generally end up with a pile of give-backs which eventually work. The maintainers have raised it at https://lists.debian.org/debian-ia64/2012/12/msg00008.html Regards, Adam -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
