Bug#622919: Raise severity?
gregor herrmann
gregoa at debian.org
Tue Jan 3 20:14:23 UTC 2012
On Tue, 03 Jan 2012 20:54:12 +0100, Moritz Muehlenhoff wrote:
> > On Tue, 19 Apr 2011 19:48:35 +0200, Salvatore Bonaccorso wrote:
> >
> > > As this about SQL injection weaknesses, should the severity be raised
> > > to grave, as security bug?
> >
> > Hm, probably yes.
> >
> > Upstream Changes has more infos:
> > http://cpansearch.perl.org/src/SARTAK/Jifty-DBI-0.68/Changes
>
> This is still open in stable. Can you fix this for the upcoming
> 6.0.4 Squeeze point update?
Oops!
Yes, sure, if the release team agrees.
(Funnily, there was already a squeeze-branch in svn which didn't make
it into our shiny new git repo, and I still have the files built in
April lying around.)
Looking at the diff again (attached for reference), it's quite long
and also includes documentation fixes.
I guess we have to look a bit to trim it down to the relevant parts.
(CC'ing Yves who might be quicker to provide a minimal patch :))
Cheers,
gregor
--
.''`. Homepage: http://info.comodo.priv.at/ - OpenPGP key ID: 0x8649AA06
: :' : Debian GNU/Linux user, admin, & developer - http://www.debian.org/
`. `' Member of VIBE!AT & SPI, fellow of Free Software Foundation Europe
`- NP: Kurt Ostbahn & die Chefpartie
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-perl-maintainers/attachments/20120103/669acfbe/attachment.pgp>
More information about the pkg-perl-maintainers
mailing list