Hi Salvatore, On Sat, September 29, 2012 19:15, Salvatore Bonaccorso wrote: > On Sun, Aug 19, 2012 at 01:23:38PM +0200, Jordi Mallach wrote: >> On Sun, Aug 19, 2012 at 11:42:57AM +0200, Thijs Kinkhorst wrote: >> > A Denial of Service attack has been reported against tinyproxy: >> > https://bugs.launchpad.net/ubuntu/+source/tinyproxy/+bug/1036985 >> > https://banu.com/bugzilla/show_bug.cgi?id=110#c2 >> > >> > Can you please see to it that this gets addressed in unstable >> > (and by extension wheezy)? >> > >> > Please use CVE-2012-3505 to refer to this issue. >> >> Will try to get something done ASAP. >> >> Should I do something about stable too? The codebase should be really >> similar. > > I looked at the current prepared version for unstable in the tinyproxy > subversion repository, attached is the debdiff to the current version > in unstable. > > Are you fine if I upload this as it is to unstable? > > @SecurityTeam: I'm not Maintainer of the package but tinyproxy > appeared on the radar for RC bugs for wheezy, so noticed this one.
Thanks for your work. It looks good. The changelog does have some quirks: your version number is not NMU-style but maintianer-style, you're not Jordi Mallach and you added a dot in an unrelated stanza. If you fix these small items up, please upload this. Cheers, Thijs -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
