Fixing "lucky 13" CVE-2013-0169 in gnutls28
Andreas Metzler
ametzler at downhill.at.eu.org
Tue Mar 19 19:06:38 UTC 2013
On 2013-03-18 Julien Cristau <jcristau at debian.org> wrote:
> On Sun, Mar 17, 2013 at 19:26:10 +0100, Andreas Metzler wrote:
>> On 2013-03-17 Julien Cristau <jcristau at debian.org> wrote:
>>> On Sun, Mar 17, 2013 at 16:00:29 +0100, Andreas Metzler wrote:
>> [...]
>>>> 2. If armel armhf mipsel break due to --disable-largefile stop using
>>>> --disable-largefile there and stop providing guile-gnutls on these
>>>> archs.
>>> OK I think I'm confused. How would you detect breakage due to
>>> disable-largefile?
>> bug-report
> There's no time for that, I would expect any breakage to only be
> uncovered post release, ie too late.
Hello,
In that case we could simply decide to not ship guile-gnutls on these
three archs.
Find attached a proposed patch. Its rather obvious downside is that it
will break on ports, due to using a negative list ("all except") where
possible and a positive list else:
--------
Build-Depends and debian/rules: [!armel !armhf !mipsel]
Package: guile-gnutls
Architecture: amd64 hurd-i386 i386 ia64 kfreebsd-amd64 kfreebsd-i386 mips powerpc s390 s390x sparc
--------
I can use a positive list in all instances instead if you prefer.
cu andreas
--
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'
More information about the Pkg-gnutls-maint
mailing list