On Thu, Nov 01, 2007 at 06:56:33PM +1100, Steffen Joeris wrote: > Hi Simon > > On Thu, 1 Nov 2007 05:35:36 pm Simon Horman wrote: > > I wish to advise that a security vulnerability has been found in > > perdition which may lead to an attacker being able to execute arbitrary > > code on the machine running perdition without the need for > > authentication. > Thank you very much for the information and the great cooperation. > > > The bug will be hence forth tracked as CVE-2007-5740 > > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5740 > As soon as the CVE shows up in the tracker and on the mitre page, I will mark > it as fixed in sid accordingly. > > Do you expect any problems with the migration from unstable to testing? The > last uploads show that the package migrated after the quarantine time > according to the urgency. Therefore, I suspect that the package should > migrate after two days (assuming that all the buildds pick it up). Thus, > there should be no need for a DTSA. I will inform you though, if that should > change and then give you a go for an upload, if migration does not happen > soonish.
Hi Steffen, thanks for getting back to me. I don't expect any problems with the migration, as the change is quite minor and it already seems to have built successfully on many architectures. I guess the only problem might be some dependancy related blockage. We should know soon. Just for the record, the 1.17-8+lenny1 packages I prepared and and 1.17.1-1 are be very nearly the same thing. -- Horms H: http://www.vergenet.net/~horms/ W: http://www.valinux.co.jp/en/ _______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/secure-testing-team
