Hi Salvatore, Thanks for your answer.
For the record, I created the bug report #826429 for the stable upload. Cheers, Pierre Le 05/06/2016 14:49, Salvatore Bonaccorso a écrit : > Hi Pierre, > > On Sun, Jun 05, 2016 at 01:34:53PM +0200, Pierre Schweitzer wrote: >> Dear all, >> >> The CVE 2016-4414 was identified earlier in Quassel, which allows an >> unauthenticated remote DoS in quassel-core. Its associated bug report in >> Debian BTS is: #826402. >> Please find attached a debdiff & dsc that address the backport for >> fixing the vulnerability in Jessie. >> Please, note that due 'compilation' issues (Quassel build for jessie >> isn't C++11 ready), I removed cosmetic change from the cherrypicked >> commit (return 0 -> return nullptr) and only kept functional changes. >> Would you be able to sponsor the upload, as I can't? >> Thanks for your help. > > Thanks for preparing the update. As the issue is 'no-dsa', you first > need to get an ack from the stable release managers. There is > documentation here, hope it helps: > > https://www.debian.org/doc/manuals/developers-reference/ch05.en.html#upload-stable > > Hope then someone of the maintainers of src:quassel can sponsor your > upload (preferred), if not please let me know. > > Regards and thanks! > Salvatore > -- Pierre Schweitzer <pierre at reactos.org> System & Network Administrator Senior Kernel Developer ReactOS Deutschland e.V.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ pkg-kde-extras mailing list pkg-kde-extras@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-kde-extras