Re: [Evergreen] Patch for p7zip (CVE-2016-2335)
Am 20.07.2016 um 09:06 schrieb Michal Kubecek: > There is no need to open a new bug. Just create a maintenance request as > described in section "Packager information" of > > https://en.opensuse.org/openSUSE:Evergreen > > and refer to bsc#979823 in the changelog. A colleague of mine got around to doing it. I hope everything ended up in the right place: https://build.opensuse.org/request/show/412356 Regards -- Till -- Dipl.-Inform. Till Dörges doer...@pre-sense.de Tel. +49 - 40 - 244 2407 - 14 Fax +49 - 40 - 244 2407 - 24 PRESENSE Technologies GmbHSachsenstr. 5, D-20097 HH Geschäftsführer/Managing Directors AG Hamburg, HRB 107844 Till Dörges, Jürgen Sander USt-IdNr.: DE263765024 Wir sind auf der it-sa: 18.-20.10.2016 http://www.it-sa.de ___ Evergreen mailing list Evergreen@lists.rosenauer.org http://lists.rosenauer.org/mailman/listinfo/evergreen
Re: [Evergreen] Patch for p7zip (CVE-2016-2335)
On Wed, Jul 20, 2016 at 08:53:36AM +0200, Bruno Friedmann wrote: > On mardi, 19 juillet 2016 22.24:46 h CEST Christian wrote: > > Am 19.07.2016 um 19:24 schrieb Bruno Friedmann: > > > On mardi, 19 juillet 2016 13.53:18 h CEST Till Dörges wrote: > > > > > > I guess it will be mandatory to open a new bug (security) topic and > > > point the one used for 13.2 > > > > Why opening a new BUG. Is the BUG boo#979823 used for 13.2 not good > > enough to be used with 13.1 ? > > > > You can always try but the bug is closed, so trying to explain why reopening > add 13.1, etc will consume almost same energy than a new bug. > > Personnally I would use a new bug procedure dedicated for evergreen. There is no need to open a new bug. Just create a maintenance request as described in section "Packager information" of https://en.opensuse.org/openSUSE:Evergreen and refer to bsc#979823 in the changelog. Michal Kubeček ___ Evergreen mailing list Evergreen@lists.rosenauer.org http://lists.rosenauer.org/mailman/listinfo/evergreen
Re: [Evergreen] Patch for p7zip (CVE-2016-2335)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Am 19.07.2016 um 19:24 schrieb Bruno Friedmann: > On mardi, 19 juillet 2016 13.53:18 h CEST Till Dörges wrote: > > I guess it will be mandatory to open a new bug (security) topic and > point the one used for 13.2 Why opening a new BUG. Is the BUG boo#979823 used for 13.2 not good enough to be used with 13.1 ? - -- Christian - - Please do not 'CC' me on list mails. Just reply to the list :) - Der ultimative shop für Sportbekleidung und Zubehör http://www.sc24.de - -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.19 (GNU/Linux) iQEcBAEBAgAGBQJXjoyLAAoJEJa0gSx9X3QJBPwH/1/Au1H6WLm8710kbGzbcRuK INm1Am4cnqxuWaQFLjNneZ2Opj8ejC6McnMI0bmchDr+HgmL9OSLv0s6gqF/ye7T mLBFJmZSI+81eR4YQgcM3toyC8rrH65oD6JMYrm5+9asWbr6k8g1ipvz9gjQqhOK pboKRgKMu8DtLyW2tnY4SKErl3d5C+PfSDeUf85lkTm7GLSmqkaj5rgWzCSSYfrg UC5sQVoKlsD0IdSmVMn6iy8et1TTVwoYPn2ZTi7nE6w9uJAUyKf05WW0dyfevBEc DOKeamX0ptbHkHPQnxZL3U+9mPbdM327GOVpfFcRRBV8Wzp0Luuf5YGNb1eEmzk= =vCon -END PGP SIGNATURE- ___ Evergreen mailing list Evergreen@lists.rosenauer.org http://lists.rosenauer.org/mailman/listinfo/evergreen
[Evergreen] Patch for p7zip (CVE-2016-2335)
Hello all, I'm wondering whether a fix for p7zip for CVE-2016-2335 (see for example the advisory for 13.2 https://lists.opensuse.org/opensuse-updates/2016-06/msg4.html) is likely to arrive for 13.1 any time soon? Or if nothing is planned, is there anything I could do to help to make the fix happen? Thanks and regards -- Till -- Dipl.-Inform. Till Dörges doer...@pre-sense.de Tel. +49 - 40 - 244 2407 - 14 Fax +49 - 40 - 244 2407 - 24 PRESENSE Technologies GmbHSachsenstr. 5, D-20097 HH Geschäftsführer/Managing Directors AG Hamburg, HRB 107844 Till Dörges, Jürgen Sander USt-IdNr.: DE263765024 Wir sind auf der it-sa: 18.-20.10.2016 http://www.it-sa.de ___ Evergreen mailing list Evergreen@lists.rosenauer.org http://lists.rosenauer.org/mailman/listinfo/evergreen