[pkg-go] Bug#850951: CVE-2016-9962
Tianon Gravi
tianon at debian.org
Wed Feb 1 04:54:08 UTC 2017
On 31 January 2017 at 20:46, Tianon Gravi <tianon at debian.org> wrote:
> I'm preparing a patch for the package now, but I'm curious what the
> implications of an upload will be so close to the freeze -- do we need
> to request a freeze exception or a migration adjustment after the
> updated package is up? Should I hold off on uploading? (would rather
> not lose "runc" from stretch)
CVE fix backported for v0.1.1 is attached (applies cleanly in the
current packaging when added to "debian/patches/series").
Happy to do the actual upload if I can get some guidance on how to
make sure it's done properly WRT freeze (or just as happy to leave it
to someone else). O:)
♥,
- Tianon
4096R / B42F 6819 007F 00F8 8E36 4FD4 036A 9C25 BF35 7DD4
-------------- next part --------------
A non-text attachment was scrubbed...
Name: cve-2016-9962.patch
Type: text/x-patch
Size: 751 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-go-maintainers/attachments/20170131/0576a2f9/attachment.bin>
More information about the Pkg-go-maintainers
mailing list