Control: tags -1 + confirmed On Mon, 2019-02-18 at 18:12 +0100, Mattias Ellert wrote: > fre 2019-02-15 klockan 13:06 +0000 skrev Adam D. Barratt: > > Control: tags -1 + moreinfo > > > > On 2019-02-15 10:12, Mattias Ellert wrote: > > > This is a proposal to fix CVE-2019-7659 in stretch. > > > > > > The update also addresses one additional advisory published by > > > the > > > upstream developers. > > > > +-soap_encode_url(const char *s, char *t, size_t len) > > ++soap_encode_url(const char *s, char *t, int len) > > > > If soap_encode_url is a public symbol, that's an ABI break - int > > and > > size_t may well not be the same size, but they're definitely > > different > > signedness. [...] > > The outcome of the discussion was that using ssize_t instead of int > in the patch was a better idea, and that version was accepted. > > I propose the same change for stretch.
Please go ahead; sorry for the delay. Regards, Adam
