Hi, * Andrew Lee <and...@linux.org.tw> [2009-07-12 15:32]: > My package 'stardict' got CVE-2009-2260 report: > https://sourceforge.net/tracker/?func=detail&aid=2814932&group_id=80679&atid=560632 > > I am preparing a updated package for unstable based on the patches from > RedHat's Bugzilla. I will upload it to unstable within 6 hours. > > Please let me know how to handle this update for stable after you review > my updated package in unstable.
Given that the exploit scenario is rather obscure and the impact should be close to zero for most people who installed stardict I think this doesn't justify a DSA. However it would be nice if you could provide updated packages via stable-proposed-updates. Cheers Nico -- Nico Golde - http://www.ngolde.de - n...@jabber.ccc.de - GPG: 0xA0A0AAAA For security reasons, all text in this mail is double-rot13 encrypted.
pgpBQ3LHr1ceh.pgp
Description: PGP signature
