Hi Michael, On Sat, Sep 20, 2014 at 06:29:52PM +0200, Julien Cristau wrote: > Control: tag -1 confirmed > > On Wed, Oct 16, 2013 at 18:41:29 +0200, Michael Biebl wrote: > > > Package: release.debian.org > > Severity: normal > > User: [email protected] > > Usertags: pu > > > > As discussed in [1], I'd like to upload a fix for CVE-2013-4288 for > > policykit-1 to stable. > > The patch itself has been applied to the unstable version as well (in > > 0.105-3+nmu1). > > > > Please let me know if I can proceed with the stable upload to get this > > fix into 7.3. > > > [a year passes...] > > Hi Michael, > > if this is still on the cards and the libvirt maintainer is still > interested please go ahead with an upload.
ping? I was looking into the open CVEs for libvirt, and stumbled over this one. Is this still planned or was there some followup issues? I concretely was looking at CVE-2013-4311/libvirt which since 0.9.12.3-1 has "sourcewise" support for 3-arg pkcheck syntax, but needs accordingly an updated policykit-1 and an according rebuild to be fixed. Regards, Salvatore -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: https://lists.debian.org/[email protected]
