On Thu, Dec 02, 2010 at 02:52:26PM +1000, Peter Williams wrote:
A heads up. I'm currently working on a major upgrade to gquilt. Do you
need me to tell me when I do the release?
That would be great! Generally I get somehow notified by
Debian's upstream-watching scripts, but an extra reminder
Hi all,
Since we are currently in deep freeze for Squeeze, I'm very
hesitant to ask the release managers to make an exception
for a new release. (I wish I'd known that the new release
fixed important bugs! I glanced at the changelog but it
seemed like it was all trivial or irrelevant-for-Debian
On 02/12/10 13:22, Christine Spang wrote:
Hi all,
Since we are currently in deep freeze for Squeeze, I'm very
hesitant to ask the release managers to make an exception
for a new release. (I wish I'd known that the new release
fixed important bugs! I glanced at the changelog but it
seemed like
Hi Christine,
On Thu, Dec 2, 2010 at 04:22, Christine Spang sp...@mit.edu wrote:
It looks like gquilt doesn't actually require PYTHONPATH to
be set, anyway, since python already adds the directory of
the executed script to sys.path. I propose the following
patch:
That patch seems ok.
found 605155 0.20-2 0.22-1
tags 605155 fixed-upstream
thanks
Hi Peter
On Sun, Nov 28, 2010 at 01:11, Peter Williams pwil3...@bigpond.net.au wrote:
Please update to gquilt-0.24 (released about 7 weeks ago) as the above
problem is no longer present in the code.
Thanks for letting us know!
Processing commands for cont...@bugs.debian.org:
found 605155 0.20-2 0.22-1
Unknown command or malformed arguments to command.
tags 605155 fixed-upstream
Bug #605155 [gquilt] gquilt: Use of PYTHONPATH env var in an insecure way
Bug #605152 [gquilt] gquilt: Use of PYTHONPATH env var in an
Package: gquilt
Version: 0.22-1
Severity: grave
Tags: security
User: debian-pyt...@lists.debian.org
Usertags: pythonpath
Jakub Wilk performed an analysis[1] for packages setting PYTHONPATH in
an insecure way. Those packages do something like:
PYTHONPATH=/spam/eggs:$PYTHONPATH
This is wrong,
On 28/11/10 08:38, Sandro Tosi wrote:
Package: gquilt
Version: 0.22-1
Severity: grave
Tags: security
User: debian-pyt...@lists.debian.org
Usertags: pythonpath
Jakub Wilk performed an analysis[1] for packages setting PYTHONPATH in
an insecure way. Those packages do something like:
8 matches
Mail list logo