Patch pilot report 2013-05-29

Jamie Strandboge jamie at
Wed May 29 06:18:04 UTC 2013

 * LP: 1182586 - CVE-2013-2070: nginx proxy_pass buffer overflow
   - precise: review, build, ACK, upload, publish
   - quantal: review, build, ACK, upload, publish
   - raring: review, build, ACK, upload, publish
 * LP: 1166649 - Multiple open vulnerabilities in tomcat6: review 5
   patches for 12.10. NAK as is due to what seemed to be hand-applied
   patch errors (mostly whitespace changes)
   - take appropriate patches from the submitter and add patches from
     the precise version
   - build, test in QRT, publish
 * LP: #1178286 - Security advisory from KDE upstream (kde4libs)
   - precise: review, build, ACK, upload
   - quantal: review, build, ACK, upload
   - raring: review, build, ACK, upload
   - work for a while to find a reproducer to test the fix (upstream
     report hinted at one, and it looked simple, but it was elusive
     and there just wasn't enough info in the upstream bug (even for

I'm still testing/working on the kde4libs update, but it should go out
later today.

Jamie Strandboge       

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 899 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the ubuntu-devel mailing list