[request-tracker-maintainers] Fixes for RT 3.x issue CVE-2011-0009
Julien Cristau
jcristau at debian.org
Thu Feb 10 17:55:30 UTC 2011
On Thu, Jan 20, 2011 at 16:47:27 +0000, Dominic Hargreaves wrote:
> On Thu, Jan 20, 2011 at 12:39:23PM +0100, Julien Cristau wrote:
> > On Thu, Jan 20, 2011 at 11:10:31 +0000, Dominic Hargreaves wrote:
> >
> > > SRM, could you advise on whether this can be included in Saturday's
> > > point release?
> > >
> > The cutoff for this was on monday. So no.
>
> Thanks for confirming; as I thought. I'm still discussing with the
> security team about the best route to updating this, but from your
> point of view would the changes be okay for the point release after
> next (ie can I upload this to stable if needed)?
>
Sorry I didn't get back to this until now. In the mean time I see this
was fixed through security in 3.6.7-5+lenny5, and will be part of the
next lenny point release. Thanks for your work.
Cheers,
Julien
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-request-tracker-maintainers/attachments/20110210/44bf02cd/attachment.pgp>
More information about the pkg-request-tracker-maintainers
mailing list