Hi On Sat, Sep 27, 2014 at 08:20:32AM +0200, Salvatore Bonaccorso wrote: > Hi Michael, > > On Sat, Sep 20, 2014 at 06:29:52PM +0200, Julien Cristau wrote: > > Control: tag -1 confirmed > > > > On Wed, Oct 16, 2013 at 18:41:29 +0200, Michael Biebl wrote: > > > > > Package: release.debian.org > > > Severity: normal > > > User: release.debian....@packages.debian.org > > > Usertags: pu > > > > > > As discussed in [1], I'd like to upload a fix for CVE-2013-4288 for > > > policykit-1 to stable. > > > The patch itself has been applied to the unstable version as well (in > > > 0.105-3+nmu1). > > > > > > Please let me know if I can proceed with the stable upload to get this > > > fix into 7.3. > > > > > [a year passes...] > > > > Hi Michael, > > > > if this is still on the cards and the libvirt maintainer is still > > interested please go ahead with an upload. > > ping? I was looking into the open CVEs for libvirt, and stumbled over > this one. Is this still planned or was there some followup issues?
As said on IRC, I overlooked the date when Julien had sent the ping. Sorry about that, should have paid more attention to this. Once policykit-1 would be in stable where will be neede a rebuild of libvirt for having that fixed also on libvirt's side. Additionally though a libvirt upload to wheezy-security is also planned for CVE-2014-3633. Regards, Salvatore -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140927063853.GB25493@eldamar.local
