Fwd: Re: KDE SC 4.11.3 tarballs

Torgny Nyblom nyblom at kde.org
Mon Nov 4 14:47:14 UTC 2013


We got a patch that is pushed as a security issue as response to announcing 
KDE SC 4.11.3 tarballs to packagers. As it is a patch against your project and 
we deem it to be non trivial we would like you to comment on the patch. If it 
should be part of KDE SC or not. In the former case please update libkdcraw 
for all relevant branches.

Torgny Nyblom
Release team

----------  Forwarded Message  ----------

Subject: Re: KDE SC 4.11.3 tarballs
Date: Sunday 03 November 2013, 16.52.57
From: José Manuel Santamaría Lema <panfaust at gmail.com>
To: kde-packager at kde.org

Torgny Nyblom <nyblom at kde.org>
> Hi,
> The tarballs for the 4.11.3 release are now available in the usual
> location.
> I've not compiled them so please report any issues you find.
> sha1 sums and revisions/hashes are attached.
> /Regards
> Torgny

About libdcraw I'm inclined to think it should include the attached patch 
before releasing 4.11.3.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: libkdcraw_CVE-2013-143x.diff
Type: text/x-patch
Size: 7296 bytes
Desc: not available
URL: <http://mail.kde.org/pipermail/release-team/attachments/20131104/316fc64e/attachment.diff>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: This is a digitally signed message part.
URL: <http://mail.kde.org/pipermail/release-team/attachments/20131104/316fc64e/attachment.sig>

More information about the release-team mailing list