Hi. Thanks for the debdiff. I am going to have to NACK it though.
1- The debdiff is inverted.
2- You're not checking the return value of seteuid()
3- This doesn't fix the CVE-2011-2922 issue, which is as serious. If CVE-2011-2922 isn't fixed, there is no value in fixing CVE-2011-2921.
Unsubscribing ubuntu-security-sponsors for now.
Hi. Thanks for the debdiff. I am going to have to NACK it though.
1- The debdiff is inverted.
2- You're not checking the return value of seteuid()
3- This doesn't fix the CVE-2011-2922 issue, which is as serious. If CVE-2011-2922 isn't fixed, there is no value in fixing CVE-2011-2921.
Unsubscribing ubuntu- security- sponsors for now.