[PKG-Openstack-devel] Bug#778618: Bug#778618: This patch is not enough
Gaudenz Steinlin
gaudenz at debian.org
Fri Feb 27 22:03:51 UTC 2015
Thomas Goirand <zigo at debian.org> writes:
> Hi,
>
> I'm not supposed to disclose too much yet, but I have to write in this
> bug still.
>
> The provided patch is *not enough* and the issue is still being
> discussed upstream. So I can't just patch novnc and be gone with it...
> I'll update this package as soon as upstream provides a working patch.
Do you have a link to the upstream discussion? Or is this about an
embargoed security issue?
>
> Cheers,
>
> Thomas Goirand (zigo)
Paul McMillan <paul at mcmillan.ws> writes:
> Thomas Goirand's comment is in response to an unrelated upstream bug
> in a different software package. The linked github patch is a complete
> fix for the reported issue.
>
> -Paul
I'm confused. What's true now, to which other upstream bug does this
refer? Can both of you please clarify.
We really need to solve this bug soon, otherwise significant parts of
OpenStack will get removed from jessie and probably won't be allowed
back in again.
If you agree that the linked github patch is complete, I can do an
upload if you lack the time to do so yourself. I can understand that
sensitive security issues are involved, but a bit more verboseness would
be nice.
Gaudenz
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 810 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/openstack-devel/attachments/20150227/918c77fb/attachment.sig>
More information about the Openstack-devel
mailing list