Hi Could I please get a bump for the phpgedview package so that it reaches testing sooner? It fixes this CVE(0) and is already 6 days old. Cheers Steffen (0): http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2064 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part. Url : http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20080510/58668476/attachment.pgp
Hi Steffen, * Steffen Joeris <steffen.joeris at skolelinux.de> [2008-05-10 13:45]:> Could I please get a bump for the phpgedview package so that it reaches > testing sooner? > It fixes this CVE(0) and is already 6 days old.No need imho, referring to Thijs this is more like a non-issue. Kind regards Nico -- Nico Golde - http://www.ngolde.de - nion at jabber.ccc.de - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20080510/1ca33143/attachment.pgp
On Sat, 10 May 2008 09:48:07 pm Nico Golde wrote:> Hi Steffen, > > * Steffen Joeris <steffen.joeris at skolelinux.de> [2008-05-10 13:45]: > > Could I please get a bump for the phpgedview package so that it reaches > > testing sooner? > > It fixes this CVE(0) and is already 6 days old. > > No need imho, referring to Thijs this is more like a > non-issue.So can we mark it as unimportant? Cheers Steffen -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part. Url : http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20080510/1ecac599/attachment.pgp
On Sat, May 10, 2008 13:52, Steffen Joeris wrote:> On Sat, 10 May 2008 09:48:07 pm Nico Golde wrote: > >> Hi Steffen, >> >> >> * Steffen Joeris <steffen.joeris at skolelinux.de> [2008-05-10 13:45]: >> >>> Could I please get a bump for the phpgedview package so that it >>> reaches testing sooner? It fixes this CVE(0) and is already 6 days old. >>> >> >> No need imho, referring to Thijs this is more like a >> non-issue. > So can we mark it as unimportant?I''ve contacted upstream in the meantime and there are issues not made explicit in the changelog. I''m not completely clear on their exact impact but bumping can''t hurt here. Thijs
Hi Steffen, * Steffen Joeris <steffen.joeris at skolelinux.de> [2008-05-10 14:10]:> On Sat, 10 May 2008 09:48:07 pm Nico Golde wrote: > > * Steffen Joeris <steffen.joeris at skolelinux.de> [2008-05-10 13:45]: > > > Could I please get a bump for the phpgedview package so that it reaches > > > testing sooner? > > > It fixes this CVE(0) and is already 6 days old. > > > > No need imho, referring to Thijs this is more like a > > non-issue. > So can we mark it as unimportant?Thijs wanted to check back with upstream. Cheers Nico -- Nico Golde - http://www.ngolde.de - nion at jabber.ccc.de - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20080510/66febb8d/attachment.pgp