On 19 December 2012 09:02, Moritz Muehlenhoff <j...@inutil.org> wrote: > Package: freeciv > Severity: important > Tags: security > > Hi, > please see http://aluigi.altervista.org/adv/freecivet-adv.txt
That's two issues... > Bug: http://gna.org/bugs/?20003 ... reported in one freeciv ticket. That CVE is a bit unfortunate that it (currently) has description containing both parts but fix provided is only one part. I think it's quite likely that they will assign new CVE for the other half to sort this out. > Fix: http://svn.gna.org/viewcvs/freeciv?view=revision&revision=21670 Patch from stable S2_3 branch (where 2.3.x releases come from): http://svn.gna.org/viewcvs/freeciv?view=revision&revision=21672 And the other fix not listed in CVE: trunk: http://svn.gna.org/viewcvs/freeciv?view=revision&revision=21701 / S2_3: http://svn.gna.org/viewcvs/freeciv?view=revision&revision=21703 > Please make an isolated upload with the security fix to unstable and > ask the release managers for an unblock by filing a bug against > release.debian.org > > Cheers, > Moritz - ML -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
