Re: [Pkg-kde-extras] Amarok: SECURITY ISSUE in Debian Etch and Lenny
On Mon, Aug 18, 2008 at 07:31:29PM +0300, Modestas Vainius wrote: Hi, pirmadienis 18 rugpjūtis 2008, thacrazze rašė: in the Amarok package is a security issue It is fixed in Amarok 1.4.10 (http://secunia.com/advisories/31418/, http://amarok.kde.org/en/releases/1/4/10) The fixed version has been in unstable for two days already. 1.4.10 is a new upstream release but: 1. The only real change since 1.4.9.1 is the security fix mentioned above and updates to translations. 2. The big upstream tarball diff comes from the differences in *autogenerated* autotools stuff. However, autotools stuff is regenerated each time package is built anyway so these differences can be safely ignored. 3. Packaging diff from 1.4.9.1-3 to 1.4.10-1 is just a new debian/changelog entry. What about: src/scripts/rbot/* doc/ru/* Why have these been deleted? Neil -- A. Because it breaks the logical sequence of discussion Q. Why is top posting bad? gpg key - http://www.halon.org.uk/pubkey.txt ; the.earth.li B345BDD3 signature.asc Description: Digital signature ___ pkg-kde-extras mailing list pkg-kde-extras@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/pkg-kde-extras
Re: [Pkg-kde-extras] Amarok: SECURITY ISSUE in Debian Etch and Lenny
Hi, antradienis 19 rugpjūtis 2008, Neil McGovern rašė: What about: src/scripts/rbot/* rbot is an internal amarok IRC bot (or something similar). See src/scripts/rbot/README. It has never been installed to the user system (see src/scripts/Makefile.am in 1.4.9.1) doc/ru/* Not sure about this. Maybe this translation was found out to be too fuzzy. Anyway, it was upstream decision and it is just a translation. -- Modestas Vainius [EMAIL PROTECTED] signature.asc Description: This is a digitally signed message part. ___ pkg-kde-extras mailing list pkg-kde-extras@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/pkg-kde-extras
[Pkg-kde-extras] Amarok: SECURITY ISSUE in Debian Etch and Lenny
Hallo, in the Amarok package is a security issue It is fixed in Amarok 1.4.10 (http://secunia.com/advisories/31418/, http://amarok.kde.org/en/releases/1/4/10) Please update the packages with the fix. thacrazze ___ pkg-kde-extras mailing list pkg-kde-extras@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/pkg-kde-extras
Re: [Pkg-kde-extras] Amarok: SECURITY ISSUE in Debian Etch and Lenny
Hi, pirmadienis 18 rugpjūtis 2008, thacrazze rašė: in the Amarok package is a security issue It is fixed in Amarok 1.4.10 (http://secunia.com/advisories/31418/, http://amarok.kde.org/en/releases/1/4/10) The fixed version has been in unstable for two days already. 1.4.10 is a new upstream release but: 1. The only real change since 1.4.9.1 is the security fix mentioned above and updates to translations. 2. The big upstream tarball diff comes from the differences in *autogenerated* autotools stuff. However, autotools stuff is regenerated each time package is built anyway so these differences can be safely ignored. 3. Packaging diff from 1.4.9.1-3 to 1.4.10-1 is just a new debian/changelog entry. Given the reasons above, please unblock amarok 1.4.10-1 and allow it to migrate to Lenny. You can of couse delay 1.4.10-1 migration a bit if you want since the security issue in question is not very critical. -- Modestas Vainius [EMAIL PROTECTED] signature.asc Description: This is a digitally signed message part. ___ pkg-kde-extras mailing list pkg-kde-extras@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/pkg-kde-extras