Bug#609641: Sudo gid security issue
unarchive 609641 fixed 609641 1.7.4p4-2.squeeze.1 On Tue, 2011-01-25 at 21:25 +0100, Moritz Mühlenhoff wrote: What's the status? This has been fixed in squeeze: http://packages.qa.debian.org/s/sudo/news/20110126T212727Z.html Best regards Alexander Kurtz signature.asc Description: This is a digitally signed message part
Bug#609641: Sudo gid security issue
On Tue, Jan 18, 2011 at 12:00:45PM -0700, Bdale Garbee wrote: On Tue, 18 Jan 2011 18:44:19 +0100, Thijs Kinkhorst th...@debian.org wrote: On Tuesday 18 January 2011 10:52:21 Bdale Garbee wrote: On Tue, 18 Jan 2011 09:20:21 +0100, Thijs Kinkhorst th...@debian.org wrote: I see that the security issue in #609641 / CVE-2011-0010 is fixed in sid but not in squeeze (lenny not affected). Would you be able to provide an update via testing-proposed-updates for this? Let me know if you need someone from the security team to do it. There is already a pending unblock request to allow 1.7.4p4-6 to enter testing, #609839, which would I think be the best solution. Thanks. Today however the release team responded that they think such unblock is not acceptable and a testing-proposed-update is necessary. Are you able to work on this? Sigh. That means more work, a code branch that will have less testing, and a lower quality sudo package in squeeze than doing the simple thing. I don't have time to work on this today, but I'll try to get to it soon. What's the status? Cheers, Moritz -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#609641: Sudo gid security issue
Hi Bdale, I see that the security issue in #609641 / CVE-2011-0010 is fixed in sid but not in squeeze (lenny not affected). Would you be able to provide an update via testing-proposed-updates for this? Let me know if you need someone from the security team to do it. Cheers, Thijs -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#609641: Sudo gid security issue
On Tue, 18 Jan 2011 09:20:21 +0100, Thijs Kinkhorst th...@debian.org wrote: I see that the security issue in #609641 / CVE-2011-0010 is fixed in sid but not in squeeze (lenny not affected). Would you be able to provide an update via testing-proposed-updates for this? Let me know if you need someone from the security team to do it. There is already a pending unblock request to allow 1.7.4p4-6 to enter testing, #609839, which would I think be the best solution. Bdale pgphrBzmGyJoy.pgp Description: PGP signature
Bug#609641: Sudo gid security issue
On Tuesday 18 January 2011 10:52:21 Bdale Garbee wrote: On Tue, 18 Jan 2011 09:20:21 +0100, Thijs Kinkhorst th...@debian.org wrote: I see that the security issue in #609641 / CVE-2011-0010 is fixed in sid but not in squeeze (lenny not affected). Would you be able to provide an update via testing-proposed-updates for this? Let me know if you need someone from the security team to do it. There is already a pending unblock request to allow 1.7.4p4-6 to enter testing, #609839, which would I think be the best solution. Thanks. Today however the release team responded that they think such unblock is not acceptable and a testing-proposed-update is necessary. Are you able to work on this? Thijs signature.asc Description: This is a digitally signed message part.
Bug#609641: Sudo gid security issue
On Tue, 18 Jan 2011 18:44:19 +0100, Thijs Kinkhorst th...@debian.org wrote: On Tuesday 18 January 2011 10:52:21 Bdale Garbee wrote: On Tue, 18 Jan 2011 09:20:21 +0100, Thijs Kinkhorst th...@debian.org wrote: I see that the security issue in #609641 / CVE-2011-0010 is fixed in sid but not in squeeze (lenny not affected). Would you be able to provide an update via testing-proposed-updates for this? Let me know if you need someone from the security team to do it. There is already a pending unblock request to allow 1.7.4p4-6 to enter testing, #609839, which would I think be the best solution. Thanks. Today however the release team responded that they think such unblock is not acceptable and a testing-proposed-update is necessary. Are you able to work on this? Sigh. That means more work, a code branch that will have less testing, and a lower quality sudo package in squeeze than doing the simple thing. I don't have time to work on this today, but I'll try to get to it soon. Bdale pgp7JcV3h1ybW.pgp Description: PGP signature