Sébastien Delafond writes:
> On Apr/10, Felix Natter wrote:
>> Yes and no. On jessie the patch did not cleanly apply, so I would have
>> had to apply that change manually. Since removing the import has no
>> effect on the semantics of the program (as long as it still compiles),
>> I was too lazy.
Hello,
I am currently in the process to upload freeplane to security master.
Regards,
Markus
signature.asc
Description: OpenPGP digital signature
On Apr/10, Felix Natter wrote:
> Yes and no. On jessie the patch did not cleanly apply, so I would have
> had to apply that change manually. Since removing the import has no
> effect on the semantics of the program (as long as it still compiles),
> I was too lazy. It should be ok.
Let's leave it t
Salvatore Bonaccorso writes:
> Hi Felix,
hello Salvatore,
> Sorry for the delay in getting back to you.
>
> On Fri, Apr 06, 2018 at 09:40:40PM +0200, Felix Natter wrote:
>> hello Security Team,
>>
>> here are the CVE-2018-169 security updates for jessie and stretch:
>>
>> [jessie]
>> http
Hi Felix,
Sorry for the delay in getting back to you.
On Fri, Apr 06, 2018 at 09:40:40PM +0200, Felix Natter wrote:
> hello Security Team,
>
> here are the CVE-2018-169 security updates for jessie and stretch:
>
> [jessie]
> https://anonscm.debian.org/cgit/pkg-java/freeplane.git/log/?h=jess
Hi Felix,
On Fri, Apr 06, 2018 at 09:40:40PM +0200, Felix Natter wrote:
> hello Security Team,
>
> here are the CVE-2018-169 security updates for jessie and stretch:
>
> [jessie]
> https://anonscm.debian.org/cgit/pkg-java/freeplane.git/log/?h=jessie-CVE-2018-169
> (jessie-CVE-2018-16
hello Security Team,
here are the CVE-2018-169 security updates for jessie and stretch:
[jessie]
https://anonscm.debian.org/cgit/pkg-java/freeplane.git/log/?h=jessie-CVE-2018-169
(jessie-CVE-2018-169 branch)
[stretch]
https://anonscm.debian.org/cgit/pkg-java/freeplane.git/log/?h=stre
Salvatore Bonaccorso writes:
> Hi Felix,
hello Salvatore,
> On Sun, Apr 01, 2018 at 06:04:27PM +0200, Markus Koschany wrote:
>>
>>
>> Am 01.04.2018 um 17:57 schrieb Felix Natter:
>> [...]
>> > Thanks, done.
>> > BTW: Is it ok to close the bug with the stretch-security upload even if
>> > the
Hi Felix,
On Sun, Apr 01, 2018 at 06:04:27PM +0200, Markus Koschany wrote:
>
>
> Am 01.04.2018 um 17:57 schrieb Felix Natter:
> [...]
> > Thanks, done.
> > BTW: Is it ok to close the bug with the stretch-security upload even if
> > the jessie-security upload is still pending?
>
> Yes, that's ok
Am 01.04.2018 um 17:57 schrieb Felix Natter:
[...]
> Thanks, done.
> BTW: Is it ok to close the bug with the stretch-security upload even if
> the jessie-security upload is still pending?
Yes, that's ok. You can close the bug with both uploads.
> What is there to do next?
As soon as the securi
Markus Koschany writes:
> Hi Felix,
hello Markus,
> Am 01.04.2018 um 16:23 schrieb Felix Natter:
>> hello Markus,
>>
>> I have prepared the patched 1.5.18-1+deb9u1 for stretch
>> I hope I got the version number right? The changelog entry is probably
>> not correct either. Can you advice what t
Hi Felix,
Am 01.04.2018 um 16:23 schrieb Felix Natter:
> hello Markus,
>
> I have prepared the patched 1.5.18-1+deb9u1 for stretch
> I hope I got the version number right? The changelog entry is probably
> not correct either. Can you advice what to read?
>
> I briefly tested saving+loading mindm
hello Markus,
I have prepared the patched 1.5.18-1+deb9u1 for stretch
I hope I got the version number right? The changelog entry is probably
not correct either. Can you advice what to read?
I briefly tested saving+loading mindmaps.
Here it is:
https://anonscm.debian.org/cgit/pkg-java/freeplane.g
Am 24.03.2018 um 11:32 schrieb Felix Natter:
[...]
> Since I am hiking this weekend, would it be possible to do this as the
> first thing on the Easter weekend (next Friday)? I also need to fix the
> knopflerfish RC bug (#893221), I will look into that this morning.
>
> BTW: I *think* the patch
Markus Koschany writes:
> Am 22.03.2018 um 20:52 schrieb Felix Natter:
>> Markus Koschany writes:
>>
>>> Package: freeplane
>>> X-Debbugs-CC: t...@security.debian.org
>>> X-Debbugs-CC: fnat...@gmx.net
>>> Severity: important
>>> Tags: security
>>>
>>> Hi,
>>
>> hello Markus,
>>
>>> the follow
Am 22.03.2018 um 20:52 schrieb Felix Natter:
> Markus Koschany writes:
>
>> Package: freeplane
>> X-Debbugs-CC: t...@security.debian.org
>> X-Debbugs-CC: fnat...@gmx.net
>> Severity: important
>> Tags: security
>>
>> Hi,
>
> hello Markus,
>
>> the following vulnerability was published for freep
Markus Koschany writes:
> Package: freeplane
> X-Debbugs-CC: t...@security.debian.org
> X-Debbugs-CC: fnat...@gmx.net
> Severity: important
> Tags: security
>
> Hi,
hello Markus,
> the following vulnerability was published for freeplane. Apparently only
> stretch/jessie/wheezy might be affected
Looking at the release-1.5.20 tag:
Security fix related to scripts and formulas
Security fix related to loading of mind map files
Change short cuts for MacOS to avoid collisions
The fix might be:
https://github.com/freeplane/freeplane/commit/a5dce7f9f4d29675fb256053aee3858bf8d76001
Regards,
Sal
For reference: the issue is linked from the security advisory page at
https://www.freeplane.org/wiki/index.php/Fixed_security_vulnerabilities
. Ahtough there is unfortunately no reference to the fixing commit
(which wuould have been good for downstreams to help), we know the
versions fixed are 1.5.
Package: freeplane
X-Debbugs-CC: t...@security.debian.org
X-Debbugs-CC: fnat...@gmx.net
Severity: important
Tags: security
Hi,
the following vulnerability was published for freeplane. Apparently only
stretch/jessie/wheezy might be affected.
@Felix
Can you tell us more about this vulnerability? T
20 matches
Mail list logo