Rene Bartsch
2013-May-11 15:08 UTC
Changes in Makefile/dependencies between Tine 1.0.16 and 1.0.21?
Hi, currently there is a bug report about CVE-2013-1428 in Ubuntu ( https://bugs.launchpad.net/ubuntu/+source/tinc/+bug/1174763). Are there any changes in Makefile or dependencies which make it necessary to adjust a packaging system or does it suffice to adjust version numbers and source-code url? Thanx, Renne -------------- n?chster Teil -------------- Ein Dateianhang mit HTML-Daten wurde abgetrennt... URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20130511/1dbf7e87/attachment.html>
Guus Sliepen
2013-May-11 16:01 UTC
Changes in Makefile/dependencies between Tine 1.0.16 and 1.0.21?
On Sat, May 11, 2013 at 05:08:43PM +0200, Rene Bartsch wrote:> currently there is a bug report about CVE-2013-1428 in Ubuntu ( > https://bugs.launchpad.net/ubuntu/+source/tinc/+bug/1174763). Are there any > changes in Makefile or dependencies which make it necessary to adjust a > packaging system or does it suffice to adjust version numbers and > source-code url?I don't know how Ubuntu handles their LTS releases, but normally you would only backport the fix for a vulnerability, you don't package a newer upstream version. In that case, the debdiff posted by Malte S. Stretz in that thread is what you want to apply to the Ubuntu LTS packages as well: http://launchpadlibrarian.net/138627199/tinc_1.0.19-2_1.0.19-3.diff.gz If it's not LTS then just package the latest version of tinc as you would do any new upstream release. -- Met vriendelijke groet / with kind regards, Guus Sliepen <guus at tinc-vpn.org> -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: Digital signature URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20130511/c18f4b97/attachment.pgp>