GNU bug report logs

#33933 [PATCH 0/4] gnu: libextractor: Fix CVE-2018-{20430,20431}.

PackageSource(s)Maintainer(s)
guix-patches PTS Buildd Popcon
Full log

Message #29 received at 33933@debbugs.gnu.org (full text, mbox, reply):

Received: (at 33933) by debbugs.gnu.org; 3 Jan 2019 19:29:34 +0000
From debbugs-submit-bounces@debbugs.gnu.org Thu Jan 03 14:29:34 2019
Received: from localhost ([127.0.0.1]:45956 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1gf8gP-0006L4-RR
	for submit@debbugs.gnu.org; Thu, 03 Jan 2019 14:29:34 -0500
Received: from out1-smtp.messagingengine.com ([66.111.4.25]:38907)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <leo@famulari.name>) id 1gf8gN-0006Kq-E8
 for 33933@debbugs.gnu.org; Thu, 03 Jan 2019 14:29:32 -0500
Received: from compute4.internal (compute4.nyi.internal [10.202.2.44])
 by mailout.nyi.internal (Postfix) with ESMTP id E353322094;
 Thu,  3 Jan 2019 14:29:25 -0500 (EST)
Received: from mailfrontend2 ([10.202.2.163])
 by compute4.internal (MEProxy); Thu, 03 Jan 2019 14:29:25 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=famulari.name;
 h=date:from:to:cc:subject:message-id:references:mime-version
 :content-type:in-reply-to; s=mesmtp; bh=GAM7yVyXUmBbzGDP+dZGih0b
 DVMOf8kbqDYW8iZqsmY=; b=2F5zVeUf7rAEWcuZnqEvKwvVELJJZJ5wklfIalFE
 uBzaI5d93Dad7pKCma5rvFxOxd4JBPuY8MfG+/6+ty4TYF7vHBcgdOAJyzuWXUP1
 ek2+FB4oXoxL3N1x+b/y4Yhze2hxBL1va+EouDTAd3gxzzJlpgDFsjapIVZD2eUf
 Uho=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
 messagingengine.com; h=cc:content-type:date:from:in-reply-to
 :message-id:mime-version:references:subject:to:x-me-proxy
 :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm1; bh=GAM7yV
 yXUmBbzGDP+dZGih0bDVMOf8kbqDYW8iZqsmY=; b=TtHmdiEp/MhphEwA1JkZDy
 MFML1xqg1j8KUIBVQOwuf7DYLWZYI1x5f+N1cKNKIntIg9gkKNgKhC4VE+tLUPTQ
 lCD54isj5yUuT50nhjJKi/sfO8ZNi1s6410YR20tpi5P/p5rF1Z0+78fSzGutyjB
 GHXDTZNOKmbgh3Mw6gq4uvRqwisKFIx3JJWCA1Sv+NW4bpZO8IxJFoNR9dOKXFMK
 D8Q9cG/n24gPs6+bdluWQPzxeoTo7541ATbTJMIqx4oLDw4h460w/ySXFIMDfv1U
 FsjmDAW73tLM/zaxerb3ROn7InDhlGD1NX/pNsd0vfrlScGc5po0Zl+4PhJVptUQ
 ==
X-ME-Sender: <xms:lWIuXEf_I-rb8pXxX-hwKFJo70KpjsIY_ObXHePjwKJJ7uMWQcg-0A>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedtledrudelgdeijeculddtuddrgedtkedrtddtmd
 cutefuodetggdotefrodftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfhuthen
 uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne
 cujfgurhepfffhvffukfhfgggtuggjfgesghdtreertdervdenucfhrhhomhepnfgvohcu
 hfgrmhhulhgrrhhiuceolhgvohesfhgrmhhulhgrrhhirdhnrghmvgeqnecukfhppeejie
 druddvgedrvddtvddrudefjeenucfrrghrrghmpehmrghilhhfrhhomheplhgvohesfhgr
 mhhulhgrrhhirdhnrghmvgenucevlhhushhtvghrufhiiigvpedt
X-ME-Proxy: <xmx:lWIuXMXq5jklz4-GZWBau5fpCOQL_K-2hO1d3Bi4B6ZBwyjoTR25KQ>
 <xmx:lWIuXMcY_cnWyim7BctQWVbA-c2pDnK0o-K_9nntUirmAGIANH5QEQ>
 <xmx:lWIuXBHUoJ0bRirkbf3q-VsTJBCjTRChmgzL22GB4B9aQUVi56-9zg>
 <xmx:lWIuXOFEeR7HCEUF2RBT4EMGhoqKwc8XicYFGx4R-6NkCPt0ndqIZg>
Received: from localhost (c-76-124-202-137.hsd1.pa.comcast.net
 [76.124.202.137])
 by mail.messagingengine.com (Postfix) with ESMTPA id DB99B100BA;
 Thu,  3 Jan 2019 14:29:24 -0500 (EST)
Date: Thu, 3 Jan 2019 14:29:18 -0500
From: Leo Famulari <leo@famulari.name>
To: Alex Vong <alexvong1995@gmail.com>
Subject: Re: [bug#33933] [PATCH 0/4] gnu: libextractor: Fix CVE-2018-{20430,
 20431}.
Message-ID: <20190103192918.GA5598@jasmine.lan>
References: <87pntihaht.fsf@gmail.com>
 <87bm4xyjek.fsf@gmail.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;
 protocol="application/pgp-signature"; boundary="5mCyUwZo2JvN/JJP"
Content-Disposition: inline
In-Reply-To: <87bm4xyjek.fsf@gmail.com>
User-Agent: Mutt/1.11.0 (2018-11-25)
X-Spam-Score: -0.7 (/)
X-Debbugs-Envelope-To: 33933
Cc: guix-devel@gnu.org, 33933@debbugs.gnu.org
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -1.7 (-)

[Message part 1 (text/plain, inline)]
On Thu, Jan 03, 2019 at 09:12:35PM +0800, Alex Vong wrote:
> Btw, for security fixes, how long should I wait before I ping here?

If you are confident in the fix, it's fine to go ahead and commit if
there is no review. Otherwise, a day or two is probably fine. If the
vulnerability is particularly severe, you could send a reminder to
<guix-security@gnu.org>, or email the maintainers directly.

[signature.asc (application/pgp-signature, inline)]

Send a report that this bug log contains spam.

debbugs.gnu.org maintainers <help-debbugs@gnu.org>. Last modified: Sun Dec 22 10:00:10 2024; Machine Name: wallace-server

GNU bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.