-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Am 07.10.2010 20:22, schrieb Mehdi Dogguy: > [ CC'ing Christoph Haas since he's the uploader ] > > On 06/10/2010 09:57, Jordi Mallach wrote: >> Package: release.debian.org Severity: normal User: >> release.debian....@packages.debian.org Usertags: freeze-exception >> >> Please unblock package zabbix >> >> Zabbix 1.8.3 includes a security fix (CVE-2010-2790) plus a series of >> important packaging fixes. >> > > The diff is quite large. I don't think it's reasonable to unblocking it at > this stage of the freeze. > > 643 files changed, 57774 insertions(+), 93146 deletions(-) > > Most of the changes are packaging related. Concerning the security bug, it > seems possible to extract a fix. Looking at the diff (file attached) for > frontends/php/include/classes/class.curl.php, it seems pretty easy to > provide a simple fix. Why didn't you try to do that instead of introducing > this new upstream release?
Bad timing. I really had hoped to have 1.8.3 ready before Squeeze got frozen because refactoring the Debian packages was desperately necessary. Okay, I'm talking to the upstream about a minimal patch to fix this very issue. Christoph -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkyxqJkACgkQCV53xXnMZYbIugCfS9sLp2W0hNabH1StAAi381Ce YrMAoLIwbg4xZFsbIGbLUaXUYzmqkJ5f =HI+F -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4cb1a89d.8050...@debian.org
