[Bug 336396] Re: proposed diff for hardy-security
Kees Cook
kees at ubuntu.com
Tue Mar 10 18:09:41 UTC 2009
Comparing the fixes that Debian performed[1], I think this patch may
additionally require fixes for CVE-2009-0366. Also, please follow the
changelog format in the Security Update Procedures[2], since that will
make it easier for us to examine the patches.
I do have a worry that just ripping out Python is the wrong approach to
take with this bug, as that drops features as well. However, in the
light of upstream's response to the bug (they did the same), I think it
makes sense. Will there be AIs that no longer work if this code is
removed from wesnoth?
[1] http://packages.debian.org/changelogs/pool/main/w/wesnoth/current/changelog
[2] https://wiki.ubuntu.com/SecurityUpdateProcedures
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2009-0366
** Changed in: wesnoth (Ubuntu)
Status: In Progress => Incomplete
--
proposed diff for hardy-security
https://bugs.launchpad.net/bugs/336396
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs at lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
More information about the universe-bugs
mailing list