Hi,
Austin English wrote (31 Aug 2015 19:48:50 GMT) :
> On Tue, Aug 18, 2015 at 5:03 AM, intrigeri <intrigeri@???> wrote:
>> Could you please check:
>>
>> 1. if this is worth a CVE ID
Ping on this part? Without a CVE, it'll be painful to track by the
Debian security team.
>> 2. if the proposed patchset applies on top of Debian Wheezy's wget
> The patch has been applied upstream:
> http://git.savannah.gnu.org/cgit/wget.git/commit/?id=075d7556964f5a871a73c22ac4b69f5361295099
> it does not apply cleanly to 1.16.3, conflicting on tests. The source
> changes, however, apply without conflict, I've attached that diff.
OK, that's a good start. Thanks for checking! I think that resolving
the merge conflict will make Debian security team more at ease taking
the patch. Does it seem doable?
Cheers,
--
intrigeri
