libarchive-tar-perl oldstable update for CVE-2007-4829

gregor herrmann gregoa at debian.org
Sat Apr 4 13:48:29 UTC 2009


On Sun, 15 Mar 2009 12:22:37 +0100, Luk Claes wrote:

> >>> This is Debian bug #449544.
[..]
> >>> However it would be nice if this could get fixed via a regular point update[1].
> >> Nico brought this point to our (pkg-perl's) attention - After some
> >> discussion in the pkg-perl IRC channel, we found that the intermediate
> >> releases between the version shipped in Etch (1.30) and the one where
> >> this bug was fixed (1.38) were all reliability-related [1], and appear
> >> to be not too broad. So, even if we could just pick up the required
> >> changeset to make a specific 1.30-2+etch1 upload, it would be better
> >> just to upload 1.38 to Etch instead - Please tell us what to do.
> > Looking at the changelog it looks indeed like it would be a 
> > good idea to ship 1.38. Would that be a problem for the 
> > release team?
> It depends on the diff.

Oops, it seems that nobody has picked up that question yet, sorry for
that.

I'm attaching the diff between 1.30-2 (in oldstable) and 1.38-2 (the
last version in the archive that got removed later). The diff is
created by

svn diff svn+ssh://svn.debian.org/svn/pkg-perl/attic/libarchive-tar-perl/tags/1.30-2 svn+ssh://svn.debian.org/svn/pkg-perl/attic/libarchive-tar-perl/tags/1.38-2

Cheers,
gregor
-- 
 .''`.   Home: http://info.comodo.priv.at/{,blog/} / GPG Key ID: 0x00F3CFE4
 : :' :  Debian GNU/Linux user, admin, & developer - http://www.debian.org/
 `. `'   Member of VIBE!AT, SPI Inc., fellow of FSFE | http://got.to/quote/
   `-    NP: Pink Floyd: In The Flesh
-------------- next part --------------
A non-text attachment was scrubbed...
Name: archive-tar.diff
Type: text/x-diff
Size: 86600 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/pkg-perl-maintainers/attachments/20090404/40dd42f7/attachment-0001.diff 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/pkg-perl-maintainers/attachments/20090404/40dd42f7/attachment-0001.pgp 


More information about the pkg-perl-maintainers mailing list