On Sat, May 19, 2012 at 9:55 AM, Jonathan Wiltshire <j...@debian.org> wrote: > On Thu, May 17, 2012 at 07:20:37AM -0700, Thibaut VARÈNE wrote: >> I've no idea how to fix this in stable and I'm currently in vacation with >> limited Internet access... > > I'll take care of it (I wish you'd asked for help sooner).
Thanks > For your reference: > http://www.debian.org/doc/manuals/developers-reference/pkgs.html#bug-security Well, FYI I did pop up on #debian-security on OFTC to ask for help when upstream advised me of their intent to publicize the vulnerability, and I waited there for several hours and nobody even paid attention to me. I've also been told that the initial bug reporter (intrigueri) did contact d-s about the issue and also never got any answer, and he couldn't point me to a RT ticket since apparently it was private until upstream's disclosure, so I couldn't even sync on that. I'm guessing nobody considered this a high enough priority to warrant more attention. Which is fine by me, it's not like everyone is using pidgin-otr anyway. It's not a high-profile package. T-Bone -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
