squeeze update of libmodule-signature-perl?

Salvatore Bonaccorso carnil at debian.org
Fri May 15 18:23:45 UTC 2015 

Hi,

On Fri, Apr 24, 2015 at 06:36:28AM +0200, Salvatore Bonaccorso wrote:
> Hi Raphael,
> 
> On Mon, Apr 20, 2015 at 03:54:51PM +0200, Raphael Hertzog wrote:
> > Hello dear maintainer(s),
> > 
> > the Debian LTS team would like to fix the security issues which are
> > currently open in the Squeeze version of libmodule-signature-perl:
> > https://security-tracker.debian.org/tracker/source-package/libmodule-signature-perl
> > 
> > Would you like to take care of this yourself? We are still understaffed so
> > any help is always highly appreciated.
> > 
> > If yes, please follow the workflow we have defined here:
> > http://wiki.debian.org/LTS/Development
> > 
> > If that workflow is a burden to you, feel free to just prepare an
> > updated source package and send it to debian-lts at lists.debian.org
> > (via a debdiff, or with an URL pointing to the the source package,
> > or even with a pointer to your packaging repository), and the members
> > of the LTS team will take care of the rest. Indicate clearly whether you
> > have tested the updated package or not.
> > 
> > If you don't want to take care of this update, it's not a problem, we
> > will do our best with your package. Just let us know whether you would
> > like to review and/or test the updated package before it gets released.
> > 
> > Thank you very much.
> 
> Sorry for the late relpy. I will first focus on the wheezy, jessie and
> unstable upload but might then as well look at it for squeeze-lts (no
> commitment yet to it).
> 
> In case somebody else takes care of it would be great if the changes
> can be pushed back in a squeeze branch in the pkg-perl repos.
> 
> Note that it needs to be investigated if libtest-signature-perl will
> need an adaption for the changes.

Small heads up on this: I just have released updates for
wheezy-security and jessie-security, but wont have time to look at
squeeze-lts as well this weekend. In case a LTS team member wants to
take it, I updated as well libtest-signature-perl for compatiblity
with the fix for CVE-2015-3407. For doing a test one could use
libtest-distmanifest-perl.

Regards,
Salvatore

More information about the pkg-perl-maintainers mailing list