Bug#697375: rpm: CVE-2012-6088

2013-01-06 Thread Salvatore Bonaccorso
Hey Andrian On Sun, Jan 06, 2013 at 02:06:51AM +0100, John Paul Adrian Glaubitz wrote: > Hi Salvatore, > > On Sat, Jan 05, 2013 at 11:42:04PM +0100, Salvatore Bonaccorso wrote: > > See Dev-Ref 5.11.1.[1], the 4th and 5th item. I know Michal is quite > > active so I first wanted to confirm with hi

Bug#697375: rpm: CVE-2012-6088

2013-01-05 Thread John Paul Adrian Glaubitz
Hi Salvatore, On Sat, Jan 05, 2013 at 11:42:04PM +0100, Salvatore Bonaccorso wrote: > See Dev-Ref 5.11.1.[1], the 4th and 5th item. I know Michal is quite > active so I first wanted to confirm with him. And I first at least > like to express that I intend to NMU before uploading to a delayed > que

Bug#697375: rpm: CVE-2012-6088

2013-01-05 Thread Salvatore Bonaccorso
Hi Adrian On Sat, Jan 05, 2013 at 09:13:21PM +0100, John Paul Adrian Glaubitz wrote: > Hi Salvatore, > > > I have seen you are in the LowNMU and the package maintained in > > collab-maint. I can do a NMU in case you have not the time to prepare > > the upload. > > Why not do an NMU and upload it

Bug#697375: rpm: CVE-2012-6088

2013-01-05 Thread Salvatore Bonaccorso
Hi Michal On Sat, Jan 05, 2013 at 09:06:49PM +0100, Michal Čihař wrote: > Hi > > Dne Sat, 5 Jan 2013 13:33:41 +0100 > Salvatore Bonaccorso napsal(a): > > > Hi Michal > > > > On Fri, Jan 04, 2013 at 03:55:13PM +0100, Moritz Muehlenhoff wrote: > > > Package: rpm > > > Severity: grave > > > Tags:

Bug#697375: rpm: CVE-2012-6088

2013-01-05 Thread Michal Čihař
Hi Dne Sat, 5 Jan 2013 13:33:41 +0100 Salvatore Bonaccorso napsal(a): > Hi Michal > > On Fri, Jan 04, 2013 at 03:55:13PM +0100, Moritz Muehlenhoff wrote: > > Package: rpm > > Severity: grave > > Tags: security > > Justification: user security hole > > > > This was assigned CVE-2012-6088: > > h

Bug#697375: rpm: CVE-2012-6088

2013-01-05 Thread John Paul Adrian Glaubitz
Hi Salvatore, > I have seen you are in the LowNMU and the package maintained in > collab-maint. I can do a NMU in case you have not the time to prepare > the upload. Why not do an NMU and upload it into DELAYED/5 or /10? This time Michal will have enough time to respond, yet we won't let too much

Bug#697375: rpm: CVE-2012-6088

2013-01-05 Thread Salvatore Bonaccorso
Hi Michal On Fri, Jan 04, 2013 at 03:55:13PM +0100, Moritz Muehlenhoff wrote: > Package: rpm > Severity: grave > Tags: security > Justification: user security hole > > This was assigned CVE-2012-6088: > http://rpm.org/gitweb?p=rpm.git;a=commitdiff;h=3d74c43e7424bc8bf95f5e031446ecb6b08381e8 I hav

Bug#697375: rpm: CVE-2012-6088

2013-01-04 Thread John Paul Adrian Glaubitz
Package: rpm Followup-For: Bug #697375 Linking directly to the patch: > http://rpm.org/gitweb?p=rpm.git;a=patch;h=3d74c43e7424bc8bf95f5e031446ecb6b08381e8 Tagging as patch. Cheers, Adrian -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe".

Bug#697375: rpm: CVE-2012-6088

2013-01-04 Thread Moritz Muehlenhoff
Package: rpm Severity: grave Tags: security Justification: user security hole This was assigned CVE-2012-6088: http://rpm.org/gitweb?p=rpm.git;a=commitdiff;h=3d74c43e7424bc8bf95f5e031446ecb6b08381e8 Cheers, Moritz -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org wi