From mboxrd@z Thu Jan 1 00:00:00 1970 From: Leo Famulari Subject: Re: libgd security update Date: Sat, 16 Jul 2016 12:51:17 -0400 Message-ID: <20160716165117.GA981@jasmine> References: <20160715203212.GA10916@jasmine> <87wpklahf8.fsf@gnu.org> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:41774) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1bOSoQ-0001d6-Cp for guix-devel@gnu.org; Sat, 16 Jul 2016 12:51:35 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1bOSoL-0002hm-Fp for guix-devel@gnu.org; Sat, 16 Jul 2016 12:51:33 -0400 Content-Disposition: inline In-Reply-To: <87wpklahf8.fsf@gnu.org> List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org Sender: "Guix-devel" To: Ludovic =?iso-8859-1?Q?Court=E8s?= Cc: guix-devel@gnu.org On Sat, Jul 16, 2016 at 02:36:27PM +0200, Ludovic Courtès wrote: > > This patch series was not trivial to create; removing the binary diffs > > required some care, some of the patches depended on changes associated > > with the removed binary diffs, and some upstream fixes were reverted and > > re-committed with changes. Will someone double-check this patch series > > for mistakes? > > I am not familiar with neither gd nor this CVE, but at first sight the > changes make sense to me. AIUI they are mostly those in upstream’s > repo, minus the binary test data, so that should be fine. Right! > I’d say OK for both. Thanks for the review. Pushed!