[Pkg-privacy-maintainers] RFS onionshare 0.8.1-2 to fix CVE
Holger Levsen
holger at layer-acht.org
Mon May 30 09:13:16 UTC 2016
Hi,
I'm sorry, but your debian/0.8.1-2 tag is not what it's supposed to be:
~/Projects/onionshare/onionshare$ git diff debian/0.8.1-1..debian/0.8.1-2 | head -15
diff --git a/debian/changelog b/debian/changelog
index 55e65ad..29b3f00 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,22 @@
+onionshare (0.8.1-2~bpo8+1) jessie-backports; urgency=high
+
+ * Rebuild for jessie-backports.
+
+ -- Ulrike Uhlig <u at 451f.org> Thu, 26 May 2016 22:56:09 +0200
+
+onionshare (0.8.1-2) unstable; urgency=high
+
+ * debian/patches:
+ * Add patch by M. Scherer to fix CVE-2016-5026.
The debian/0.8.1-2_bpo80+1 tag is identical to debian/0.8.1-2.
Please fixup those tags.
Also: please don't mark the subject as "urgent" or "half-urgent", when it's
not:
https://security-tracker.debian.org/tracker/CVE-2016-5026 clearly says
"Neutralised by kernel hardening" and "Severity: unimportant".
Claiming urgency when there is none might result in not believing you
when in future you claim urgency again… :/
--
cheers,
Holger
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 811 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-privacy-maintainers/attachments/20160530/518f657c/attachment-0001.sig>
More information about the Pkg-privacy-maintainers
mailing list