Hi Felix, On Thu, Oct 10, 2013 at 09:42:10PM +0200, Felix Geyer wrote: > On 10.10.2013 09:06, Moritz Muehlenhoff wrote: > > Package: libapache2-mod-fcgid > > Severity: grave > > Tags: security > > Justification: user security hole > > > > This was assigned CVE-2013-4365: > > http://www.mail-archive.com/dev@httpd.apache.org/msg58077.html > > > > Isolated patch: > > https://mail-archives.apache.org/mod_mbox/httpd-cvs/201309.mbox/%3c20130929174048.13b962388...@eris.apache.org%3E > > > > Can you prepare updated packages for oldstable/stable and contact > > t...@security.debian.org ? > > http://www.debian.org/doc/manuals/developers-reference/pkgs.html#bug-security > > I've prepared updates for wheezy and squeeze, see the attached debdiffs. > Please let me know if I should upload these.
The debdiffs look good. Could you please upload both to security-master? For the wheezy-security upload it's the first one in the security-archive so it needs to be built with -sa. Thanks for your work! Regards, Salvatore -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
