Changes in Makefile/dependencies between Tine 1.0.16 and 1.0.21?
Guus Sliepen
guus at tinc-vpn.org
Sat May 11 18:01:21 CEST 2013
On Sat, May 11, 2013 at 05:08:43PM +0200, Rene Bartsch wrote:
> currently there is a bug report about CVE-2013-1428 in Ubuntu (
> https://bugs.launchpad.net/ubuntu/+source/tinc/+bug/1174763). Are there any
> changes in Makefile or dependencies which make it necessary to adjust a
> packaging system or does it suffice to adjust version numbers and
> source-code url?
I don't know how Ubuntu handles their LTS releases, but normally you would only
backport the fix for a vulnerability, you don't package a newer upstream
version. In that case, the debdiff posted by Malte S. Stretz in that thread is
what you want to apply to the Ubuntu LTS packages as well:
http://launchpadlibrarian.net/138627199/tinc_1.0.19-2_1.0.19-3.diff.gz
If it's not LTS then just package the latest version of tinc as you would do
any new upstream release.
--
Met vriendelijke groet / with kind regards,
Guus Sliepen <guus at tinc-vpn.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20130511/c18f4b97/attachment.pgp>
More information about the tinc
mailing list