Security Patch in netpanzer (question)
Hugo Cisneiros
hugo at devin.com.br
Fri Jun 9 14:32:23 UTC 2006
On Friday 09 June 2006 05:11, Hans de Goede wrote:
> Hugo Cisneiros wrote:
> > Hi,
> >
> > I'm trying to fix this bug in the netpanzer package:
> >
> > https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=192990
> >
> > It seems that the SVN version is ok, but I'm not a programmer to make a
> > patch only to fix this vulnerability. An option would be to create and
> > apply a patch to update the entire version to SVN instead of only the
> > vulnerability fix.
> >
> > What do you think? What is the current method?
> >
> > If applying the patch to update entirely to the svn version, I must
> > change the entire package's version or change only the release field in
> > the specfile?
>
> Why don't you ask upstream to make a new release with their fix for this
> and the fix I've attached to:
> https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=192983
> for CVE-2006-2575?
>
> That sounds like a good reason to make a new release to me?
I've applied your fix and it works very well, thanks! I'm trying to get the
other fix first, then package both fixes as one release.
The maintainer isn't doing this package anymore. He is looking for new
maintainers and have said that no more versions will be released from him (I
already asked him too ;-)
>From the official home-page:
http://netpanzer.berlios.de
12. Nov 2005
Looking for a new maintainer
The last months I was very busy with university and other open source projects
I'm working on. So effectively netpanzer development has halted. I'm looking
for someone to take over the netpanzer development. If you're interested
write a mail to matze at braunis.de.
> Otherwise I would try to find the exact patch fixing this and
> backporting it, upgrading to a snapshot might cause all kinda problems
> including network protocol incompatibilities.
I'll try to do this... It will be much difficult because I'm not a programmer,
but I'll try beggining now ;-) Thanks for your reply.
> Regards,
> Hans
--
[]'s
Eitch
http://www.devin.com.br/eitch/
"Talk is cheap. Show me the code." - Linus Torvalds
More information about the fedora-extras-list
mailing list