[pkg-horde] imp4 update for CVE-2010-0463 in stable
Gregory Colpart
reg at evolix.fr
Sat Jul 10 18:24:48 UTC 2010
On Sat, Jul 10, 2010 at 06:09:50PM +0100, Adam D. Barratt wrote:
>
> That diff appears to contain two sets of changes.
>
> The first set are for a -lenny1 upload dated August 2009, reverting some
> changes made in a previous upload and with stable-security in the
> changlog. However, I can't see any sign of that upload on security.d.o and
> the changes weren't mentioned in your message.
>
> If the changes for the fix for CVE-2010-0463 are those I suspect then they
> should be ok on their own but it's not entirely obvious from the diff.
There is two diffs:
* Fix errors in last security fix by upstream:
http://git.debian.org/?p=pkg-horde/imp4.git;a=commitdiff;h=a99ee22b3c53aa7ff537ee1f9fa4dc6d2e28e8e3
* Fix by upstream for CVE-2010-0463:
http://git.debian.org/?p=pkg-horde/imp4.git;a=commitdiff;h=881658ab0a535d11859086d10f91701a6380998c
from my point of view, this two diff are candidates for stable-proposed-updates.
Regards,
--
Gregory Colpart <reg at evolix.fr> GnuPG:1024D/C1027A0E
Evolix - Informatique et Logiciels Libres http://www.evolix.fr/
More information about the pkg-horde-hackers
mailing list