Hi Steven, Cc'ing team@security.d.o
On Wed, Jun 19, 2013 at 09:23:49PM +0100, Steven Chamberlain wrote: > Attached are proposed debdiffs for an upload to wheezy-security, based > on the version currently in wheezy. Thanks Steven and Christoph for working on this issue. > The versioning scheme for the last security upload (with +deb70.$n) > looks a bit weird to me (and it has lower value than the next changelog > entry). So I also attach a second debdiff, proposing a different form. Debdiff should be based on current wheezy(-security) version, so make the debdiff part for the changelog (i.e. without the unstable changelog part): > diff -Nru kfreebsd-9-9.0/debian/changelog kfreebsd-9-9.0/debian/changelog > --- kfreebsd-9-9.0/debian/changelog 2013-05-01 13:59:20.000000000 +0100 > +++ kfreebsd-9-9.0/debian/changelog 2013-06-19 20:49:15.000000000 +0100 > @@ -1,3 +1,17 @@ > +kfreebsd-9 (9.0-10+deb70.2) wheezy-security; urgency=high > + > + * Team upload. > + * Upload for wheezy-security > + * Pick SVN 251902 from FreeBSD 9-STABLE to fix SA-13:06 / CVE-2013-2171: > + Privilege escalation via mmap (Closes: #712664) > + > + -- Steven Chamberlain <ste...@pyro.eu.org> Wed, 19 Jun 2013 20:36:54 +0100 > + > kfreebsd-9 (9.0-10+deb70.1) wheezy-security; urgency=high > > * Upload for wheezy-security [...] The versioning is indeed a bit ugly (preferred would have beeen also for the previous one +deb7uX, and incrementing X, there is a pending update for dev-ref describing this, see [1]). [1] http://bugs.debian.org/709218 > Please could someone with the necessary access, open a security.d.o RT > ticket asking permission to upload whichever one of these, and for a DSA > to be issued? Small remark on this one: You also can do that in every case, no necessary permissions for RT are needed: write a mail to secur...@rt.debian.org with subject containing [Debian RT], see [2]. [2] http://wiki.debian.org/rt.debian.org#Security_Team Regards, Salvatore -- To UNSUBSCRIBE, email to debian-bsd-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20130620042827.GA23959@elende
