[Pkg-privacy-maintainers] [half urgent] RFS onionshare 0.8.1-2 to fix CVE
u
u at 451f.org
Fri May 27 08:51:19 UTC 2016
Hi!
There is a CVE for onionshare, so I've patched the current 0.8.1-1
package in Debian unstable and now I need somebody to upload that.
I've built and tested this.
Here's what the security team wrote:
"See https://security-tracker.debian.org/tracker/CVE-2016-5026
Please fix this as usual in unstable (could you please reference the
CVE id), and for jessie via the next jessie point release (onionshare
beeing in contrib is not supported security-wise, furthermore the issue
is minor, since as well neutralized by the kernel hardening)."
Anybody? I've created a tag this time, although normally we create a tag
only after the upload has been done.
I've also updated the jessie-backport, if that could be uploaded too
that would be great.
0.6.3 is not affected.
Cheers!
u.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-privacy-maintainers/attachments/20160527/29df09f5/attachment.sig>
More information about the Pkg-privacy-maintainers
mailing list