On Wed, 2012-10-17 at 13:33 -0700, Roland Dreier wrote: > > Whilst this has now been fixed in unstable, it was via the upload of a > > new upstream which adds over 2000 lines of new code (and doesn't even > > directly include the security fix) and with a debhelper compat bump > > thrown in on the packaging side. [...] > I can easily prepare a 1.0.15-2 package that has just the CVE fix in it > relative to what's in wheezy, but is there anywhere I can upload it to > so that it gets into wheezy?
Yes, t-p-u. :-) (i.e. testing-proposed-updates). A version of "1.0.15-1+deb7u1" would be more conventional here, in order to indicate that the upload was made out of sequence and specifically targeted at wheezy rather than unstable. 1.0.15-2 would work, assuming it's never been used for any upload to Debian. Please prepare the upload, using "wheezy" as the distribution in the changelog and attach the debdiff to a release.debian.org unblock bug - reportbug will create a correctly usertagged bug - indicating in the body of the report that it's intended for t-p-u. We'll check the debdiff and assuming everything is okay you can then upload to ftp-master as usual. Regards, Adam -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
