Bug#773796: wheezy-pu: package mercurial/2.2.2-4

2015-02-02 Thread Adam D. Barratt
Control: tags -1 + pending On 2015-02-01 20:37, Javi Merino wrote: On Fri, Jan 02, 2015 at 08:49:31PM +, Adam D. Barratt wrote: Control: tags -1 +confirmed -moreinfo On Tue, 2014-12-23 at 15:24 +, Adam D. Barratt wrote: > On 2014-12-23 14:55, Javi Merino wrote: > > On Tue, Dec 23, 2014

Bug#773796: wheezy-pu: package mercurial/2.2.2-4

2015-02-01 Thread Javi Merino
On Fri, Jan 02, 2015 at 08:49:31PM +, Adam D. Barratt wrote: > Control: tags -1 +confirmed -moreinfo > > On Tue, 2014-12-23 at 15:24 +, Adam D. Barratt wrote: > > On 2014-12-23 14:55, Javi Merino wrote: > > > On Tue, Dec 23, 2014 at 01:20:10PM +, Adam D. Barratt wrote: > > >> The patch

Bug#773796: wheezy-pu: package mercurial/2.2.2-4

2015-01-02 Thread Adam D. Barratt
Control: tags -1 +confirmed -moreinfo On Tue, 2014-12-23 at 15:24 +, Adam D. Barratt wrote: > On 2014-12-23 14:55, Javi Merino wrote: > > On Tue, Dec 23, 2014 at 01:20:10PM +, Adam D. Barratt wrote: > >> The patches look okay, but it appears that this hasn't been fixed in > >> unstable yet

Bug#773796: wheezy-pu: package mercurial/2.2.2-4

2014-12-23 Thread Adam D. Barratt
On 2014-12-23 14:55, Javi Merino wrote: On Tue, Dec 23, 2014 at 01:20:10PM +, Adam D. Barratt wrote: The patches look okay, but it appears that this hasn't been fixed in unstable yet. Is that correct? If so then we generally prefer to get unstable fixed first, so that the changes can get som

Bug#773796: wheezy-pu: package mercurial/2.2.2-4

2014-12-23 Thread Javi Merino
On Tue, Dec 23, 2014 at 01:20:10PM +, Adam D. Barratt wrote: > Control: tags -1 + moreinfo > > Hi, > > On 2014-12-23 12:15, Javi Merino wrote: > >mercurial in wheezy is affected by CVE-2014-9390[0] (Errors in > >handling case-sensitive directories allow for remote code execution on > >pull).

Bug#773796: wheezy-pu: package mercurial/2.2.2-4

2014-12-23 Thread Adam D. Barratt
Control: tags -1 + moreinfo Hi, On 2014-12-23 12:15, Javi Merino wrote: mercurial in wheezy is affected by CVE-2014-9390[0] (Errors in handling case-sensitive directories allow for remote code execution on pull). The security team says that few users are affected by it as it only affects you i

Bug#773796: wheezy-pu: package mercurial/2.2.2-4

2014-12-23 Thread Javi Merino
Package: release.debian.org Severity: normal Tags: wheezy User: release.debian@packages.debian.org Usertags: pu mercurial in wheezy is affected by CVE-2014-9390[0] (Errors in handling case-sensitive directories allow for remote code execution on pull). The security team says that few users ar