* Florian Weimer <[EMAIL PROTECTED]>: > * Lorenzo Martignoni: > > > The patch has been tested by me and by Paul Gear but further tests will > > be better, so your feedback will be very precious. > > Apart from the lack of CVE entry in the changelog, the package seems > to be fine. Both problems are fixed.
When I first emailed the security team and built the package I was convinced that the CVE entry was missing. It has been assigned on 20050719, one day after I opened of this bug but before my backport of the patch. I should have added it into the changelog.Debian. BTW, the CVE id is CAN-2005-2317. > There is a surprising reduction of the installation size when I > rebuild the package I could not track down, but the installed scripts > are identical. What do you mean? I rebuilt the package from sources (not using my own local copy but downloading the version I've put online) but the size of the .debs is still the same (~150Kb) and the size of the data section is the same too (~760Kb). -- lorenzo -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
