[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Bug#402042: CVE 2006 4334 taken care of in 1.3.7+ ?

From: Bdale Garbee
Subject: Re: Bug#402042: CVE 2006 4334 taken care of in 1.3.7+ ?
Date: Fri, 08 Dec 2006 09:46:21 -0600

On Thu, 2006-12-07 at 09:47 -0800, Paul Eggert wrote:
> I don't
> know why two markedly different patches were applied, but I assume
> that either set will do, and I took the 1.3.5-15 patches as being
> simpler and easier to understand.

I think that should be ok.

Patches for security issues in the stable release of Debian are
generally prepared and uploaded by members of the security team
relatively independently of actions of the primary maintainer of a
package.  That's a good thing when it causes bugs to get fixed in the
stable release more quickly, but it can lead to this kind of difference

To be frank, I don't recall the details of why I picked the patch that I
did for Debian's 1.3.5-15, or whether I was aware that it was different
from what got used for the stable release.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]