Public bug reported:
Please sync libsoup2.4 2.34.3-1 (main) from Debian unstable (main)
Explanation of the Ubuntu delta and why it can be dropped:
The CVE patch was taken from upstream which is included in the new release
Changelog entries since current oneiric version 2.34.2-2ubuntu1:
libsoup2.4 (2.34.3-1) unstable; urgency=high
* New upstream release.
- Fixes CVE-2011-2524: SoupServer directory traversal vulnerability.
Closes: #635837
* debian/watch: Switch to .bz2 tarballs.
* debian/patches/01_memleaks.patch: Remove, merged upstream.
* Bump Standards-Version to 3.9.2. No further changes.
* Bump debhelper compatibility level to 8.
- Update Build-Depends on debhelper.
- Strip debian/tmp/ from .install files.
* Urgency high for the security fix.
-- Michael Biebl <bi...@debian.org> Fri, 29 Jul 2011 03:44:00 +0200
** Affects: libsoup2.4 (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/818569
Title:
Sync libsoup2.4 2.34.3-1 (main) from Debian unstable (main)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libsoup2.4/+bug/818569/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
