Thanks for the debdiff. Unfortunately, I cannot process it at this time because of the following: * cve-2010-2448.patch does not match the upstream commit (you use it++ where upstream uses ++it. Even if this is logically equivalent, it makes future maintenance more difficult). If it you require the change, can you explain here why? * cve-2010-2934.patch in debian/patches does not match up at all with the upstream commit in the DEP-3 comments. Is this the right patch? Perhaps the DEP-3 comment just needs to be adjusted.... * There is trailing whitespace on this line of the changelog: "- debian/patches/cve-2010-2934.patch: modify IRCSock.cpp, " (I would just fix this myself, but you need to update the debdiff for other reasons)
cve-2010-2812.patch is considerably different than upstream, but it looks ok as a backport. Can you make the above change and resubmit the debdiff? Thanks! -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1090195 Title: ZNC security report: CVEs for Lucid, Hardy To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/znc/+bug/1090195/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
