On Wed, May 27, 2015 at 11:57 AM, Raphael Hertzog <hert...@debian.org> wrote:
> On Mon, 18 May 2015, Vincent Fourmond wrote:
>> Attached is a diff from squeeze5 to the proposed squeeze6. It builds
>> fine now (including upstream test suite), but at the moment, I am
>> unable to check whether the security bugs supposedly fixed in the
>> release are fixed, if only because there are no publicly available
>> badly form input that would trigger the bug. I'll try to see what I
>> can do about that.
>
> It's not such a big deal if there are no files to trigger the various bugs.
> It's obviously better to be able to ensure that the issues are fixed, but
> what's even more important is to ensure that the tools still work as
> expected.
>
> Given the test suite and some basic testing, I suggest that you go ahead
> and upload the package (and release the DLA).
>
>> You'll find that some of the patches currently in LTS have been
>> renamed and slightly tweaked, but nothing has changed besides patch
>> name and meta-data:
>
> A small detail I noticed:
>
>> ---
>> imagemagick-6.6.0.4/debian/patches/0001-Description-Do-not-read-configure-files-in-the-curre.patch
>> 2014-04-04 17:02:24.000000000 +0200
>> +++
>> imagemagick-6.6.0.4/debian/patches/0001-Description-Do-not-read-configure-files-in-the-curre.patch
>> 2015-05-16 02:00:33.000000000 +0200
>> @@ -2,15 +2,13 @@
>> From: =?UTF-8?q?Bastien=20ROUCARI=C3=88S?= <roucaries.bast...@gmail.com>
>> Date: Wed, 25 Apr 2012 14:47:16 +0200
>> Subject: [PATCH] Description: Do not read configure files in the current
>> - directory for the "installed" version of ImageMagick.
>> - Patch pulled from upstream svn
>> - https://www.imagemagick.org/subversion/ImageMagick/trunk
>> - revision 3022. Author: Cristy <quetzlzacatenango@image...>
>> - Bug-Debian: http://bugs.debian.org/601824 Origin: upstream
>> - Last-Update: 2010-11-06
>> + directory for the "installed" version of ImageMagick. Patch pulled from
>> + upstream svn https://www.imagemagick.org/subversion/ImageMagick/trunk
>> + revision 3022. Author: Cristy <quetzlzacatenango@image...> Bug-Debian:
>> + http://bugs.debian.org/601824 Origin: upstream Last-Update: 2010-11-06
>
> The DEP-3 meta-data is just scrambled here...
That's weird, since the corresponding commit message is OK. I've
noticed that this has been there for a long while. Maybe a gitpkg bug.
I'm fixing that manually and uploading.
> otherwise the rest looked good.
OK. The upload is on its way, the DLA will have to wait a couple of
days more (until I get the time to figure out how to do it and do
it).
Cheers,
Vincent
--
To UNSUBSCRIBE, email to debian-lts-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive:
https://lists.debian.org/CAEnRq5MrUcmmay3y4kFo0Uaw6rQOmU=wdhqvjaijwqcog5n...@mail.gmail.com
