Hi.
Looking at this right now.
But I'm a little bit surprised that the whole story begins in wheezy LTS.
Should this not start in unstable with a bug report?
On Tue, Oct 25, 2016 at 11:50:13AM -0400, Antoine Beaupré wrote:
> On 2016-10-20 09:59:53, Santiago Vila wrote:
> > Hi.
> >
> > Looking at this right now.
>
> Hi!
>
> Did you look at the LTS update or do you want us to process it?
Process it = make a release fo
Hi.
I would probably rename the patch to "03-cve-2016-8859" for unstable
(lowercase, and without .patch suffix, as none of the already existing
patches have it). Some day I will "convert" all my packages to be more
"mainstream", but I prefer to be consistent for now.
Other than that, thanks a lot
On Wed, Oct 26, 2016 at 01:43:00PM -0400, Antoine Beaupré wrote:
> I am not sure how to perform tests against tre, [...]
Well, the package included a test suite, but I had it disabled since a
long time because (I think) there was a test which failed.
I have now enabled it but without making erro
On Thu, 27 Oct 2016, Raphael Hertzog wrote:
> On Thu, 27 Oct 2016, Santiago Vila wrote:
> > On Wed, Oct 26, 2016 at 01:43:00PM -0400, Antoine Beaupré wrote:
> >
> > > I am not sure how to perform tests against tre, [...]
> >
> > Well, the package included
On Thu, 8 Dec 2016, Chris Lamb wrote:
> If that workflow is a burden to you, feel free to just prepare an
> updated source package and send it to debian-lts@lists.debian.org
> (via a debdiff, or with an URL pointing to the source package,
> or even with a pointer to your packaging repository), and
Hi. I've just uploaded unzip 6.0-21 for unstable, which fixes both
CVE-2014-9913 and CVE-2016-9844.
You will need this from debian/patches:
18-cve-2014-9913-unzip-buffer-overflow.patch
19-cve-2016-9844-zipinfo-buffer-overflow.patch
but for wheezy I would drop again the .patch ending I've just ad
On Tue, Oct 13, 2015 at 11:57:22PM +0100, b...@decadent.org.uk wrote:
> Hello dear maintainer(s),
>
> the Debian LTS team would like to fix the security issues which are
> currently open in the Squeeze version of unzip:
> https://security-tracker.debian.org/tracker/CVE-2015-7696
> https://security
