Hi,
I've reviewed
http://mentors.debian.net/debian/pool/main/j/jenkins/jenkins_1.447.2+dfsg-2.1.dsc
and compared to the actual commits in jenkins git
and found that the patches were the right ones, but the comments were wrong,
referring the other one:
$ git show 1d48e7bf8254349a19328d56bd8006635a95866d > ../CVE-2012-6074
$ git show ab0ac1ac499f734892c2203edc508a6dbf5fa42d > ../CVE-2012-6073
$ dpkg-source -x jenkins_1.447.2+dfsg-2.1.dsc
$ diff ../CVE-2012-6074
jenkins-1.447.2+dfsg/debian/patches/security/CVE-2012-6073.patch |grep commit
< commit 1d48e7bf8254349a19328d56bd8006635a95866d
> Origin: Upstream, commit ab0ac1ac499f734892c2203edc508a6dbf5fa42d
$ diff ../CVE-2012-6073
jenkins-1.447.2+dfsg/debian/patches/security/CVE-2012-6074.patch |grep commit
< commit ab0ac1ac499f734892c2203edc508a6dbf5fa42d
> Origin: Upstream, commit 1d48e7bf8254349a19328d56bd8006635a95866d
James, do you plan to upload this (after fixing the patch comments)? Else I'd
be happy to NMU...
cheers,
Holger
__
This is the maintainer address of Debian's Java team
<http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers>.
Please use
[email protected] for discussions and questions.
