libarchive-tar-perl oldstable update for CVE-2007-4829

gregor herrmann gregoa at debian.org
Sun Apr 5 00:09:47 UTC 2009


On Sat, 04 Apr 2009 22:50:44 +0200, Luk Claes wrote:

> >>> I'm attaching the diff between 1.30-2 (in oldstable) and 1.38-2 (the
> >>> last version in the archive that got removed later). The diff is
> >>> created by
> >> Please note that there was also a 'second half' to CVE-2007-4829 fixed
> >> upstream in 1.39_01. See #509802. This should presumably be fixed too.
> > so if the release
> > team wishes it would be easy to upload the "old" 1.38-2 plus this
> > patch (with whatever version number would be appropriate for such a
> > mixture :).
> Ok, please upload with an appropriate version :-)

Uploaded, please shout if something's not ok with the package.

Cheers,
gregor
-- 
 .''`.   Home: http://info.comodo.priv.at/{,blog/} / GPG Key ID: 0x00F3CFE4
 : :' :  Debian GNU/Linux user, admin, & developer - http://www.debian.org/
 `. `'   Member of VIBE!AT, SPI Inc., fellow of FSFE | http://got.to/quote/
   `-    NP: Alanis Morisette: You Owe Me Nothing in Return
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/pkg-perl-maintainers/attachments/20090405/00c1108f/attachment.pgp 


More information about the pkg-perl-maintainers mailing list