Hi Florian, On Thu, May 12, 2005 at 12:45:45AM +0200, Florian Ernst wrote:
> please grant a freeze exception for the ht package replacing the > current ht_0.8.0-1 with 0.8.0-2, of course pending the (so far) > missing powerpc and m68k builds and the usual grace period. > Bug#308587 (grave, security) has been fixed in ht_0.8.0-2, the changelog > reads as follows: > +ht (0.8.0-2) unstable; urgency=high > + > + * Urgency high due to security fix > + * Security fix pulled from upstream CVS (Closes: #308587) > + + fix an integer overflow in the ELF segment parsing > + (cplus-dem.c, htanaly.cc, htcoff.cc, htelf.cc, htpef.cc, htpeimp.cc) > + + fix some buffer overflows in the PE parser > + (htperes.cc) > + + this is also Gentoo GLSA 200505-08 > + Thanks a lot to Moritz Muehlenhoff for the report! > + * debian/control: added upstream homepage to long description > + > + -- Florian Ernst <[EMAIL PROTECTED]> Wed, 11 May 2005 20:02:24 +0200 Yes, approved. > No further changes have been applied, the package is lintian / linda / > debdiff clean and seems to compile (pbuilder) and run (chroot) just > fine. omg, I feel like being back at d-mentors again... :) ;) Thanks, -- Steve Langasek postmodern programmer
signature.asc
Description: Digital signature
