On Sat, 2010-10-02 at 13:44 -0400, Jay Berkenbilt wrote: > I had overlooked that bug 595064 was a security bug that fixed > CVE-2010-3364. I think perhaps a CVE number had not been assigned when > the bug was originally reported. In any case, I upgraded the bug to > grave and uploaded tiff-3.9.4-4 with a fix to it. The fix changes one > line of code, and I didn't make any other changes to the package. Since > this is a security-related fix that should be able to enter testing > through unstable, I am requesting a freeze exception. Otherwise, it can > be handled through normal security channels. I uploaded it with urgency > high and mentioned the CVE number in the changelog.
Unblocked. Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1286095499.6044.10.ca...@hathi.jungle.funky-badger.org
