Re: Python search path security issue

From: Loïc Minier <lool dooz org>
To: distributor-list gnome org
Subject: Re: Python search path security issue
Date: Tue, 27 Jan 2009 12:22:52 +0100

        Hi

On Tue, Jan 27, 2009, Bastien Nocera wrote:
> http://bugzilla.gnome.org/show_bug.cgi?id=569273
> Josselin, please make sure that future security holes, however small are
> reported upstream as a matter of urgency.

 I contacted the original committer; I personally think it's a failure
 of the Debian GNOME Team and we should improve our process to make sure
 that we have one upstream bug for each patch we carry, but he insisted
 that I forward his apologies (attached).

   Cheers,
-- 
Loïc Minier

--- Begin Message ---

From: Deng Xiyue <manphiz-guest users alioth debian org>

To: lool dooz org

Subject: Apology for lack of communication with upstream for security fix

Date: Tue, 27 Jan 2009 19:09:12 +0800
When incorporating the patch for eog from Debian BTS[1], I overlooked
its potential influence and somewhat confused by the claim that python
2.6 doesn't suffer from this in [1], and then didn't forward the bug
upstream, which I should have.  Sorry for any inconvenience brought by
this, and I will be more careful in future bug triaging.

[1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504352
--- End Message ---

References:
- Python search path security issue
  - From: Bastien Nocera

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]