Branden Robinson wrote:
> clone 298939 -1
> retitle -1 lesstif1-1: copy of libXpm code affected by buffer overflow CAN-2005-0605
> reassign -1 lesstif1-1
> # I don't actually know if it's fixed upstream yet in LessTif, but I'm
> # guessing it's not.
> tag -1 - fixed-upstream
> # libxpm4 is not fixed until the security buildds' packages are uploaded.
> tag 298939 - fixed
> thanks
>
> Hi Joey,
>
> Did you mean to only reference #298939 in your NMU of lesstif1-1? You said
> "Closes:", which marked as fixed the bug I filed against libxpm4, which is
> not part of lesstif1-1 and is not yet fixed.
>
> I am assuming your closing of #298939 is in error (since it's not
> accurate), and cloning a copy of it for CAN-2005-0605's affect of
> lesstif1-1.
Sorry, I meant to refer to bug #298183 which was already open on
lesstif1 for the same vulnerability.
tag 298183 fixed
merge 298183 299236
thanks
Branden Robinson wrote:
> clone 298939 -1
> retitle -1 lesstif1-1: copy of libXpm code affected by buffer overflow CAN-2005-0605
> reassign -1 lesstif1-1
> # I don't actually know if it's fixed upstream yet in LessTif, but I'm
> # guessing it's not.
> tag -1 - fixed-upstream
> # libxpm4 is not fixed until the security buildds' packages are uploaded.
> tag 298939 - fixed
> thanks
>
> Hi Joey,
>
> Did you mean to only reference #298939 in your NMU of lesstif1-1? You said
> "Closes:", which marked as fixed the bug I filed against libxpm4, which is
> not part of lesstif1-1 and is not yet fixed.
>
> I am assuming your closing of #298939 is in error (since it's not
> accurate), and cloning a copy of it for CAN-2005-0605's affect of
> lesstif1-1.
Sorry, I meant to refer to bug #298183 which was already open on
lesstif1 for the same vulnerability.
--
see shy jo