Public bug reported: Binary package hint: tinyproxy
I'm requesting a Freeze Exception for tinyproxy in lucid. The current version in Ubuntu is a diversion from Debian, as done by a MOTU member. However, in the updating process, it looks like a potential security fix was dropped even if it still applied to the new 1.6.x version they upgraded to. I've taken over tinyproxy in Debian very recently, after many years of no maintenance, and have worked with the new upstream authors to cleanup our buglist, forward patches and downstream bugs. The new upstream 1.8.x branch should fix all the open issues in Ubuntu, and upstream is really interested in having the new code in the LTS release, because it fixes most of the recurring bugreports. In short, the situation is: * In Ubuntu, the latest 1.6.x release is available in lucid. However, there's a potential security regression due to careless dropping of Debian patches. * In Debian unstable (should be in testing too, but the BTS is having versioning tracking problems which is preventing migration), 1.8.1 is available which fixes all of the Ubuntu/Debian issues. ** Affects: tinyproxy (Ubuntu) Importance: Undecided Status: New -- sync tinyproxy 1.8.1-3 from Debian unstable https://bugs.launchpad.net/bugs/556623 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs