Debian Bug report logs - #609947
pu: package git-core/1:1.5.6.5-3+lenny3.3

Package: release.debian.org; Maintainer for release.debian.org is Debian Release Team <debian-release@lists.debian.org>;

Reported by: Jonathan Nieder <jrnieder@gmail.com>

Date: Fri, 14 Jan 2011 05:51:05 UTC

Severity: normal

Tags: confirmed, lenny, security

Done: Jonathan Nieder <jrnieder@gmail.com>

Bug is archived. No further changes may be made.

Full log


Message #15 received at 609947@bugs.debian.org (full text, mbox):

Received: (at 609947) by bugs.debian.org; 14 Jan 2011 19:36:05 +0000
From adam@adam-barratt.org.uk Fri Jan 14 19:36:05 2011
X-Spam-Checker-Version: SpamAssassin 3.2.5-bugs.debian.org_2005_01_02
	(2008-06-10) on busoni.debian.org
X-Spam-Level: 
X-Spam-Bayes: score:0.0000 Tokens: new, 13; hammy, 101; neutral, 44; spammy,
	1. spammytokens:0.936-+--month hammytokens:0.000-+--H*UA:2.30.3,
	0.000-+--H*x:2.30.3, 0.000-+--H*F:D*adam-barratt.org.uk,
	0.000-+--HX-Spam-Relays-External:sk:adsl.fu, 0.000-+--H*r:sk:adsl.fu
X-Spam-Status: No, score=-6.6 required=4.0 tests=AWL,BAYES_00,HAS_BUG_NUMBER
	autolearn=ham version=3.2.5-bugs.debian.org_2005_01_02
Return-path: <adam@adam-barratt.org.uk>
Received: from adsb.vm.bytemark.co.uk ([212.110.186.212])
	by busoni.debian.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32)
	(Exim 4.69)
	(envelope-from <adam@adam-barratt.org.uk>)
	id 1PdpRN-0005TT-N3
	for 609947@bugs.debian.org; Fri, 14 Jan 2011 19:36:05 +0000
Received: from adsl.funky-badger.org ([213.208.101.238])
	by adsb.vm.bytemark.co.uk with esmtp (Exim 4.72 #1 (Debian))
	(envelope-from <adam@adam-barratt.org.uk>)
	id 1PdpRG-00082A-UM; Fri, 14 Jan 2011 19:36:00 +0000
Received: from hathi.local ([192.168.0.40])
	by adsl.funky-badger.org with esmtp (Exim 4.72)
	(envelope-from <adam@adam-barratt.org.uk>)
	id 1PdpR6-0005Fz-8g; Fri, 14 Jan 2011 19:35:48 +0000
Subject: Re: Bug#609947: pu: package git-core/1:1.5.6.5-3+lenny3.3
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
To: Jonathan Nieder <jrnieder@gmail.com>, 609947@bugs.debian.org
In-Reply-To: <20110114054906.GA10431@burratino>
References: <20110114054906.GA10431@burratino>
Content-Type: text/plain; charset="UTF-8"
Date: Fri, 14 Jan 2011 19:35:05 +0000
Message-ID: <1295033705.14391.176.camel@hathi.jungle.funky-badger.org>
Mime-Version: 1.0
X-Mailer: Evolution 2.30.3 
Content-Transfer-Encoding: 7bit
X-ADSB-Scan-Signature: e5b4c61acf41394378b19581ee39cb22
On Thu, 2011-01-13 at 23:49 -0600, Jonathan Nieder wrote:
> git in lenny (and etch) suffers from Bug#607248 (cross-site scripting
> vulnerability in gitweb, CVE-2010-3906).  The fix has been present in
> sid for about a month with no problems appearing, so I suppose it
> should be safe to apply to lenny, too.
> 
> debdiff attached.  Would this be ok to upload to spu?

Please go ahead.

Regards,

Adam





Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Sat Apr 19 12:15:20 2014; Machine Name: beach.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.