[Pkg-kde-extras] Amarok: SECURITY ISSUE in Debian Etch and Lenny
Modestas Vainius
modestas at vainius.eu
Mon Aug 18 16:31:29 UTC 2008
Hi,
pirmadienis 18 rugpjūtis 2008, thacrazze rašė:
> in the Amarok package is a security issue
>
> It is fixed in Amarok 1.4.10
>(http://secunia.com/advisories/31418/,
> http://amarok.kde.org/en/releases/1/4/10)
The fixed version has been in unstable for two days already. 1.4.10 is a new
upstream release but:
1. The only real change since 1.4.9.1 is the security fix mentioned above and
updates to translations.
2. The big upstream tarball diff comes from the differences in *autogenerated*
autotools stuff. However, autotools stuff is regenerated each time package is
built anyway so these differences can be safely ignored.
3. Packaging diff from 1.4.9.1-3 to 1.4.10-1 is just a new debian/changelog
entry.
Given the reasons above, please unblock amarok 1.4.10-1 and allow it to
migrate to Lenny. You can of couse delay 1.4.10-1 migration a bit if you want
since the security issue in question is not very critical.
--
Modestas Vainius <modestas at vainius.eu>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part.
Url : http://lists.alioth.debian.org/pipermail/pkg-kde-extras/attachments/20080818/e121a9bd/attachment.pgp
More information about the pkg-kde-extras
mailing list