Bug#558355: lucene2: Please mention that CVE-2007-2383 has been fixed on next upload
Niels Thykier
niels at thykier.net
Sun Nov 29 16:33:16 UTC 2009
> Hi Niels,
>=20
> Would changing the changelog entry for lucene2 2.9.1+ds1-2
> into
>=20
> lucene2 (2.9.1+ds1-2) unstable; urgency=3Dlow
>=20
> * Removed (unused) embedded Prototype javascript library
> (Closes: #555225, #555226; Fix CVE-2007-2383)
>=20
> do, on the next upload (which will be 2.9.1+ds1-3)?
>=20
> Cheers
>=20
> Jan-Pascal
>=20
>=20
>=20
Hi Jan-Pascal
I believe this is what Torsten Werner did with jetty a few uploads
back[1] and then passed "-v" to dpkg-genchanges/dpkg-buildpackage; but I
am actually not sure if this is all there is too it.
~Niels
[1] http://packages.qa.debian.org/j/jetty/news/20090906T213439Z.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-java-maintainers/attachments/20091129/298104f2/attachment.pgp>
More information about the pkg-java-maintainers
mailing list