[Pkg-kde-extras] Bug#590745: Fwd: KVIrc: Security fix for 3.4 and 4.0 (stable and unstable/testing)

Mark Purcell msp at debian.org
Thu Jul 29 00:12:46 UTC 2010 

Package: kvirc
Severity: grave
Version: 2:3.4.0-3
Tags: security, pending, upstream
Forwarded: https://svn.kvirc.de/kvirc/ticket/858


----------  Forwarded Message  ----------

Subject: KVIrc: Security fix for 3.4 and 4.0 (stable and unstable/testing)
Date: Wednesday 28 July 2010, 00:00:49
From: Kai Wasserbäch <debian at carbon-project.org>
To: Mark Purcell <msp at debian.org>, team at security.debian.org
CC: Raúl Sánchez Siles <rasasi78 at gmail.com>

Dear Mark, dear Debian Security team memebers,
yesterday I was made aware by KVIrc's upstream of a new security bug in the
KVIrc code base, which was there since the 3.4 days. Upstream tracks the bug as
#858 [0].

I'd like to ask you for the respective sponsorship (and release of a DSA) of a
bug fix release for 3.4 (stable update) and 4.0 (testing/unstable). Attached
you'll find the debdiff and a bundle of the files to upload for the 3.4 branch
(which is in stable).
The update for the 4.0 branch (which is in unstable and testing) can either be
built form our Hg repository at [1] or you can use the prepared source package
at [2] (dget'able URL: [3]).
The source package at [2] and the source package contained in the attached
"kvirc_3.4.0-6_security-team-bundle.tar.bz2" are signed with my GnuPG key.

Thank you in advance for a quick upload!

Kind regards,
Kai Wasserbäch

P.S.: Should you need further information, feel free to ask me for it.


[0] https://svn.kvirc.de/kvirc/ticket/858
[1] http://hg.debian.org/hg/pkg-kde/kde-extras/kvirc
[2] http://dev.carbon-project.org/debian/kvirc/
[3] http://dev.carbon-project.org/debian/kvirc/kvirc_4.0.0-3.dsc



-- 

Kai Wasserbäch (Kai Wasserbaech)

E-Mail: debian at carbon-project.org
Jabber (debianforum.de): Drizzt
URL: http://wiki.debian.org/C%C3%B9ran
GnuPG: 0xE1DE59D2      0600 96CE F3C8 E733 E5B6 1587 A309 D76C E1DE 59D2
(http://pgpkeys.pca.dfn.de/pks/lookup?search=0xE1DE59D2&fingerprint=on&hash=on&op=vindex)

-----------------------------------------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: kvirc_3.4.0-6_security-team-bundle.tar.bz2
Type: application/octet-stream
Size: 107391 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-kde-extras/attachments/20100729/9bead276/attachment-0001.obj>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: kvirc_3.4.0_security-team.debdiff
URL: <http://lists.alioth.debian.org/pipermail/pkg-kde-extras/attachments/20100729/9bead276/attachment-0001.txt>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.alioth.debian.org/pipermail/pkg-kde-extras/attachments/20100729/9bead276/attachment-0001.pgp>

More information about the pkg-kde-extras mailing list