Hi Tzafrir,
On Sat, Jan 07, 2017 at 10:28:01PM +0100, Tzafrir Cohen wrote:
> I prepared a version in the branch jessie-backports in git[1].
>
> It seems to work OK here. I don't hae my key in the backports keyring,
> so I prefer that you upload it.
done, thanks! Also created a git tag and pushed
On Fri, Jan 06, 2017 at 01:37:58PM +, Holger Levsen wrote:
> Hi Tzafrir,
>
> On Fri, Jan 06, 2017 at 12:25:07AM +0100, Tzafrir Cohen wrote:
> > The version in Jessie-backports seems to be the only one affected by it.
>
> will you upload a fixed version to jessie-bpo or should I? (I'd be happy
Hi Tzafrir,
On Fri, Jan 06, 2017 at 12:25:07AM +0100, Tzafrir Cohen wrote:
> The version in Jessie-backports seems to be the only one affected by it.
will you upload a fixed version to jessie-bpo or should I? (I'd be happy
if you did, but I was the person introducing mock to bpo, so I'd take
resp
On Fri, Jan 06, 2017 at 06:34:15AM +0100, Salvatore Bonaccorso wrote:
> # not found actually in 1.3.2 ...
> Control: notfound -1 850320 1.3.2-1
> # but found in version as in jessie packports according to analysis
> Control: found -1 1.2.3-1
> # and mark as fixed in 1.3.2-1 the first version after
# not found actually in 1.3.2 ...
Control: notfound -1 850320 1.3.2-1
# but found in version as in jessie packports according to analysis
Control: found -1 1.2.3-1
# and mark as fixed in 1.3.2-1 the first version after 1.2.21 in the
# archive
Control: fixed -1 850320 1.3.2-1
Hi Tzafrir,
On Fri, J
My initial reading into this: neither the version in Stable (1.1.33-1)
nor the version in Testing / Unstable (1.3.2-1) is volnurable. Not
closing yet as I want to test this better.
The version in Jessie-backports seems to be the only one affected by it.
Impact: mock is a chroot building serer. Yo
Source: mock
Version: 1.3.2-1
Severity: grave
Tags: patch security upstream
Justification: user security hole
Hi,
the following vulnerability was published for mock. I'm not too
familiar with it, but following the code and the applied upstream
commit 1.3.2-1 should be vulnerable.
CVE-2016-6299[0
7 matches
Mail list logo
