On Fri, 2016-03-18 at 20:58 +0100, Salvatore Bonaccorso wrote: > HI Adam, > > Not Moritz here but can answer the question as well: > > On Fri, Mar 18, 2016 at 07:22:34PM +0000, Adam D. Barratt wrote: > > Control: tags -1 + moreinfo > > > > On Fri, 2016-03-18 at 19:33 +0100, Moritz Muehlenhoff wrote: > > > I'd like to fix a security issue in GTK, which doesn't really warrant > > > a DSA. Debdiff below, I've been running this on my jessie > > > workstation for a day now. > > > > > > Cheers, > > > Moritz > > > > > > diff -Nru gtk+2.0-2.24.25/debian/changelog > > > gtk+2.0-2.24.25/debian/changelog > > > --- gtk+2.0-2.24.25/debian/changelog 2015-03-03 19:39:59.000000000 > > > +0100 > > > +++ gtk+2.0-2.24.25/debian/changelog 2016-03-17 23:20:16.000000000 > > > +0100 > > > @@ -1,3 +1,9 @@ > > > +gtk+2.0 (2.24.25-3+deb8u1) jessie; urgency=medium > > > + > > > + * CVE-2013-7447 (Closes: #799275) > > > > The Security Tracker suggests that this isn't fixed in the version of > > gtk+2.0 in unstable; is that correct? > > Yes it is as well unfixed there. I just have proposed a NMU in > https://bugs.debian.org/799275#39
Thanks for that. If we don't notice, please feel free to remove the "moreinfo" tag once the NMU reaches unstable. Regards, Adam
