From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:54560)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1d7mZp-0002DD-Pb
	for guix-patches@gnu.org; Mon, 08 May 2017 13:36:06 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1d7mZm-0004Eo-Lv
	for guix-patches@gnu.org; Mon, 08 May 2017 13:36:05 -0400
Received: from debbugs.gnu.org ([208.118.235.43]:36460)
	by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)
	(Exim 4.71) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
	id 1d7mZm-0004EY-3O
	for guix-patches@gnu.org; Mon, 08 May 2017 13:36:02 -0400
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1d7mZl-0005lq-Oz
	for guix-patches@gnu.org; Mon, 08 May 2017 13:36:01 -0400
Subject: bug#26828: Update libetpan to 1.8 (CVE-2017-8825)
Resent-Message-ID: <handler.26828.B26828.149426494122157@debbugs.gnu.org>
Date: Mon, 8 May 2017 13:35:38 -0400
From: Leo Famulari <leo@famulari.name>
Message-ID: <20170508173538.GC7235@jasmine>
References: <20170508164302.41bfd137@lepiller.eu>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;
	protocol="application/pgp-signature"; boundary="eRtJSFbw+EEWtPj3"
Content-Disposition: inline
In-Reply-To: <20170508164302.41bfd137@lepiller.eu>
List-Id: <guix-patches.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-patches>,
	<mailto:guix-patches-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/guix-patches/>
List-Post: <mailto:guix-patches@gnu.org>
List-Help: <mailto:guix-patches-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-patches>,
	<mailto:guix-patches-request@gnu.org?subject=subscribe>
Errors-To: guix-patches-bounces+kyle=kyleam.com@gnu.org
Sender: "Guix-patches" <guix-patches-bounces+kyle=kyleam.com@gnu.org>
To: Julien Lepiller <julien@lepiller.eu>
Cc: 26828@debbugs.gnu.org


--eRtJSFbw+EEWtPj3
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Mon, May 08, 2017 at 04:43:13PM +0200, Julien Lepiller wrote:
> Hi,
>=20
> here is a patch to update libetpan to version 1.8. This update also
> fixes CVE-2017-8825. Should it be mentionned in the commit log?

Thanks! Yes, I would add [fixes CVE-2017-8825] to the end of the first
line of the commit message.

I bet the majority of updates include fixes for exploitable bugs (at
least for C programs), but it's still useful to include these bug
identifiers in the commit log, when we know about them.

--eRtJSFbw+EEWtPj3
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAABCAAdFiEEsFFZSPHn08G5gDigJkb6MLrKfwgFAlkQrGoACgkQJkb6MLrK
fwjmXBAA3+2GrIMMfEE6JROpQ70n9CaKM2RA7PUcOhta4O+XrMfxE187z+hJEkaD
+YDhVP6z50z6h5jv+Nrh/VmY2dv1k/tuc3pLzKbcPT++uwdnJy20d/9KGSOK57/C
gwcFUR7qBV0CltkeT295cuSGpQN2V5MFhoX+aKr/nKqguP+F4Pbokp4o9u6pjWcP
B7k7Q7bbEBiL8+1EngL5sP9cFwZ5dzXz8ioWicMGIvLmAWsk0HA9cG2+Zl5/SIbV
7uj/ioPKmRYrK7Y2WaeZAbzDPaivB/B639Etj//jXvKtQ2KkIWOEoOX6rO+mteRW
6OmC8FdqurpHiEQVd4LXHa6Kj26Z3hTi/s14AV4d0ydPDyw5kU40cD3+TMvbOJly
IMEhedbhgWRPgm3zDEqFyAahHONZncnYsowpqAQWaoO+PhRtGKLRCMdMJ8NjGpTe
E1IvxmkzWSQ8OM2+K73fP5RzDgJ5TpkL0YdhQCF1vVavSmjMmm0Q1Viahbs3XMSO
0+yXQdZMxL1jQHzAuC03m5U4+JXSgOVW9b0zNyPevAMtQj4WPJyitmvB9CdhMhYr
qMma345HzWEuR3RbPRnkXA7uTbCq4fdR0AbgTLlQE+Wmsy3Zg/e9TWgEN8ka48rR
WoW6qyr4SQl2o5EPlpf1BGY7osQLDhBtjyzwIyQvNQWinbuK5EM=
=PnC6
-----END PGP SIGNATURE-----

--eRtJSFbw+EEWtPj3--