Patch pilot report 2013-05-29
Jamie Strandboge
jamie at canonical.com
Wed May 29 06:18:04 UTC 2013
* LP: 1182586 - CVE-2013-2070: nginx proxy_pass buffer overflow
vulnerability
- precise: review, build, ACK, upload, publish
- quantal: review, build, ACK, upload, publish
- raring: review, build, ACK, upload, publish
* LP: 1166649 - Multiple open vulnerabilities in tomcat6: review 5
patches for 12.10. NAK as is due to what seemed to be hand-applied
patch errors (mostly whitespace changes)
- take appropriate patches from the submitter and add patches from
the precise version
- build, test in QRT, publish
* LP: #1178286 - Security advisory from KDE upstream (kde4libs)
- precise: review, build, ACK, upload
- quantal: review, build, ACK, upload
- raring: review, build, ACK, upload
- work for a while to find a reproducer to test the fix (upstream
report hinted at one, and it looked simple, but it was elusive
and there just wasn't enough info in the upstream bug (even for
upstream))
I'm still testing/working on the kde4libs update, but it should go out
later today.
--
Jamie Strandboge http://www.ubuntu.com/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 899 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-devel/attachments/20130529/69cfe79d/attachment.pgp>
More information about the ubuntu-devel
mailing list