Bug#696816: patches look good, comments not :)
Holger Levsen
holger at layer-acht.org
Sat Jan 26 11:10:19 UTC 2013
Hi,
I've reviewed http://mentors.debian.net/debian/pool/main/j/jenkins/jenkins_1.447.2+dfsg-2.1.dsc and compared to the actual commits in jenkins git
and found that the patches were the right ones, but the comments were wrong, referring the other one:
$ git show 1d48e7bf8254349a19328d56bd8006635a95866d > ../CVE-2012-6074
$ git show ab0ac1ac499f734892c2203edc508a6dbf5fa42d > ../CVE-2012-6073
$ dpkg-source -x jenkins_1.447.2+dfsg-2.1.dsc
$ diff ../CVE-2012-6074 jenkins-1.447.2+dfsg/debian/patches/security/CVE-2012-6073.patch |grep commit
< commit 1d48e7bf8254349a19328d56bd8006635a95866d
> Origin: Upstream, commit ab0ac1ac499f734892c2203edc508a6dbf5fa42d
$ diff ../CVE-2012-6073 jenkins-1.447.2+dfsg/debian/patches/security/CVE-2012-6074.patch |grep commit
< commit ab0ac1ac499f734892c2203edc508a6dbf5fa42d
> Origin: Upstream, commit 1d48e7bf8254349a19328d56bd8006635a95866d
James, do you plan to upload this (after fixing the patch comments)? Else I'd be happy to NMU...
cheers,
Holger
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/pkg-java-maintainers/attachments/20130126/60ef0182/attachment.html>
More information about the pkg-java-maintainers
mailing list