On 29/11/2010 07:55, Dmitry E. Oboukhov wrote:
> Package: release.debian.org
>
> Please unblock centerim/4.22.10-1.
>
> Centerim is an upstream frozen project, their releases usually include
> only security fixes. Last release (4.22.10) fixes CVE-2009-3720.

There is no way we could accept this version in Squeeze.
Besides, upstream's fix for this looks like:

--- lib/xmltok_impl.c
+++ lib/xmltok_impl.c
@@ -1744,7 +1744,7 @@
                        const char *end,
                        POSITION *pos)
 {
-  while (ptr != end) {
+  while (ptr < end) {
     switch (BYTE_TYPE(enc, ptr)) {
 #define LEAD_CASE(n) \
     case BT_LEAD ## n: \
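
Review bot: The new condition `while (ptr < end)` only ends the loop after `ptr` has already moved past `end`; it does not stop the LEAD_CASE(n) branches from stepping over the end in the first place. The macro body is cut off in this hunk, so check in the full file whether each multi-byte case verifies `end - ptr >= n` before advancing. If it does not, adding that check is more robust than relying on a relational comparison of a pointer that is already out of range. A short comment on the loop saying why `!=` was not sufficient would also help whoever backports this to testing's version.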

So, it's really easy to get current testing's version patched and fixed.

Please prepare a fixed version against testing's version targeting
testing-proposed-updates.

Regards,

--
Mehdi Dogguy مهدي الدڤي
http://dogguy.org/


