> I would like to apply fixes for some CVE's which are addressed in 2.5 but not
> yet in 2.4. this would include
>
> CVE-2007-4965
> CVE-2008-1679
> CVE-2008-1721
> CVE-2008-2315
> CVE-2008-3144
> CVE-2008-1887
> CVE-2008-4864
Can you identify the revisions that would need backporting?
I could only find (trunk revisions)
CVE-2007-4965: r65880
CVE-2008-1721: r62235, issue2586
CVE-2008-3144: issue2588, issue2589, r63734, r63728.
CVE-2008-1887: issue2587, r62261, r62271
CVE-2008-4864: r66689
So what about
CVE-2008-1679: claimed to be issue1179 in the CVE, but
that says it fixes CVE-2007-4965 only?
CVE-2008-2315
In principle, this is fine with me, so go ahead.
Regards,
Martin
--
http://mail.python.org/mailman/listinfo/python-list
