Hi,
today I was made aware of CVE-2009-0129 and the discussion at the Debian
BTS http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=511519.
IMHO, the proposed patch (submitted to sourceforge as bug 2545158) looks
reasonable enough and before adopting this patch for the package
security/p5-Crypt-OpenSSL-DSA in pkgsrc I wanted to ask why it has
not been integrated in CVS?
ciao
Klaus
|
