On Thu, Oct 18, 2012 at 08:14:08PM +0100, Adam D. Barratt wrote:
> On Wed, 2012-10-17 at 13:33 -0700, Roland Dreier wrote:
> > > Whilst this has now been fixed in unstable, it was via the upload of a
> > > new upstream which adds over 2000 lines of new code (and doesn't even
> > > directly include the security fix) and with a debhelper compat bump
> > > thrown in on the packaging side.
> [...]
> > I can easily prepare a 1.0.15-2 package that has just the CVE fix in it
> > relative to what's in wheezy, but is there anywhere I can upload it to
> > so that it gets into wheezy?
>
> Yes, t-p-u. :-) (i.e. testing-proposed-updates).
>
> A version of "1.0.15-1+deb7u1" would be more conventional here, in order
> to indicate that the upload was made out of sequence and specifically
> targeted at wheezy rather than unstable. 1.0.15-2 would work, assuming
> it's never been used for any upload to Debian.
>
> Please prepare the upload, using "wheezy" as the distribution in the
> changelog and attach the debdiff to a release.debian.org unblock bug -
> reportbug will create a correctly usertagged bug - indicating in the
> body of the report that it's intended for t-p-u. We'll check the debdiff
> and assuming everything is okay you can then upload to ftp-master as
> usual.
Roland,
can you please post the debdiff?
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
