On Fri, 2012-04-06 at 11:43 +, Thorsten Glaser wrote:
> Bernhard R. Link dixit:
> >The following patch moves he deletion behind dh_compress,
> >thus actually matching something.
>
> OK. Thanks!
fwiw, I assume s/\.gz//g on the affected lines would also have worked.
> Should I upload this, or
Bernhard R. Link dixit:
>The effect you see is usually not from a unclean chroot, but from a
>non-minimal chroot.
Non-minimal is unclean.
>It essentially means that the cvs package misses
>either code to mitigate this or misses a Build-Conflicts.
Possibly… the package from squeeze and older is
* Thorsten Glaser [120321 18:40]:
> In fact, neither do the auto-built packages on e.g. armel which
> I can download to verify that.
>
> So I highly suspect someone entrusted with debian-security not only
> uploads packages against maintainers wishes with broken version numbers
> but also does not
Dixi quod…
>For the record, the package I would have uploaded to fix the security
>issue, with a non-bogus version number, did not have this issue:
In fact, neither do the auto-built packages on e.g. armel which
I can download to verify that.
So I highly suspect someone entrusted with debian-sec
4 matches
Mail list logo
