Hi Pierre, On Sun, Jun 05, 2016 at 01:34:53PM +0200, Pierre Schweitzer wrote: > Dear all, > > The CVE 2016-4414 was identified earlier in Quassel, which allows an > unauthenticated remote DoS in quassel-core. Its associated bug report in > Debian BTS is: #826402. > Please find attached a debdiff & dsc that address the backport for > fixing the vulnerability in Jessie. > Please, note that due 'compilation' issues (Quassel build for jessie > isn't C++11 ready), I removed cosmetic change from the cherrypicked > commit (return 0 -> return nullptr) and only kept functional changes. > Would you be able to sponsor the upload, as I can't? > Thanks for your help.
Thanks for preparing the update. As the issue is 'no-dsa', you first need to get an ack from the stable release managers. There is documentation here, hope it helps: https://www.debian.org/doc/manuals/developers-reference/ch05.en.html#upload-stable Hope then someone of the maintainers of src:quassel can sponsor your upload (preferred), if not please let me know. Regards and thanks! Salvatore _______________________________________________ pkg-kde-extras mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-kde-extras
