[Pkg-puppet-devel] Bug#712745: Re: Bug#712745: Bug#7712745: puppet: CVE-2013-3567
Raphael Geissert
geissert at debian.org
Mon Aug 5 08:41:45 UTC 2013
Hi Stig, Chris,
Stig: Have you been able to check the report?
I haven't taken a proper look at it, but I think there's at least one
extra field that doesn't correspond to the format version.
On 31 July 2013 17:43, Chris Boot <crb at tiger-computing.co.uk> wrote:
> On 25/06/13 17:36, Raphael Geissert wrote:
>> On 21 June 2013 17:07, Raphael Geissert <geissert at debian.org> wrote:
>>> As promised via IRC, attached patch is a version that actually works.
>>
>> And now a patch to be applied on top of it to restore the
>> compatibility of the reports.
>
> This patch isn't part of 2.7.18-5, which is currently in wheezy. We've
> had to roll our own update internally that includes the patch in order
> to correctly process reports from other servers.
>
> Are there any plans to push out a 2.7.18-6 update that includes
> CVE-2013-3567.fixup-for-v3.patch? Would a source debdiff to do this be
> welcome?
Yes, that would be great and help speed things up.
Thanks,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
More information about the Pkg-puppet-devel
mailing list