[Pkg-kde-extras] Amarok: SECURITY ISSUE in Debian Etch and Lenny

Modestas Vainius modestas at vainius.eu
Mon Aug 18 16:31:29 UTC 2008


pirmadienis 18 rugpjūtis 2008, thacrazze rašė:
> in the Amarok package is a security issue
> It is fixed in Amarok 1.4.10
> http://amarok.kde.org/en/releases/1/4/10)
The fixed version has been in unstable for two days already. 1.4.10 is a new 
upstream release but:

1. The only real change since is the security fix mentioned above and 
updates to translations.
2. The big upstream tarball diff comes from the differences in *autogenerated* 
autotools stuff. However, autotools stuff is regenerated each time package is 
built anyway so these differences can be safely ignored.
3. Packaging diff from to 1.4.10-1 is just a new debian/changelog 

Given the reasons above, please unblock amarok 1.4.10-1 and allow it to 
migrate to Lenny. You can of couse delay 1.4.10-1 migration a bit if you want 
since the security issue in question is not very critical.

Modestas Vainius <modestas at vainius.eu>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part.
Url : http://lists.alioth.debian.org/pipermail/pkg-kde-extras/attachments/20080818/e121a9bd/attachment.pgp 

More information about the pkg-kde-extras mailing list