[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Jailkit-dev] Little issue about jailkit in Debian (urgent)

From: Olivier Sessink
Subject: Re: [Jailkit-dev] Little issue about jailkit in Debian (urgent)
Date: Thu, 15 Jul 2021 10:09:43 +0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.11.0

Hi Eriberto,

yes it is secure to change only those two lines.

however, the only other change in 2.22 is in jk_lsh.c
which is also a (minor) security update (it improves security logging). 

I don't know what the policy for a frozen Debian is, but 2.22 is
functional identical to 2.21 with only security improvements. So isn't
it safer to use 2.22 ? There is no chance there could be any
incompatibility between 2.21 and 2.22 because there are no changes
besides security.


On 14-07-2021 17:09, Eriberto wrote:
> Hi Olivier,
> Debian is frozen to release a new version. At this time, is not
> possible to send new upstream (mainstream) releases to Debian, but is
> possible to make little changes to solve security or relevant bugs.
> Yesterday, the bug #991075 (see here[1]) was opened with this subject:
> "jailkit: python2 code causes jk_update to fail, leaving outdated
> jails".
> [1] https://bugs.debian.org/991075
> I need your help to solve this question: is secure to change only the
> file jk_update in version 2.21 to the file provided in 2.22? There are
> only two lines changed in jk_update from 2.22, but I need to know if
> all source code will work well after these changes.
> Thanks in advance.
> Regards,
> Eriberto
> _______________________________________________
> Jailkit-dev mailing list
> Jailkit-dev@nongnu.org
> https://lists.nongnu.org/mailman/listinfo/jailkit-dev

Bluefish website http://bluefish.openoffice.nl/
Blog http://oli4444.wordpress.com/

reply via email to

[Prev in Thread] Current Thread [Next in Thread]