On Wed, 8 Sep 2010 19:08:39 -0600
Vincent Danen <vdanen(a)redhat.com> wrote:
* [2010-09-08 16:42:34 -0600] Kevin Fenzi wrote:
>ok.
>
>I now have:
>
>* Wed Sep 08 2010 Kevin Fenzi <kevin(a)tummy.com> - 1.2.4-1
>- Update to 1.2.4 which fixes:
>- Fixes: CVE-2010-1780 CVE-2010-1782 CVE-2010-1784 CVE-2010-1785
>- Fixes: CVE-2010-1786 CVE-2010-1787 CVE-2010-1788 CVE-2010-1790
>- Fixes: CVE-2010-1792 CVE-2010-1793 CVE-2010-2648
>- Update to 1.2.3 which fixes:
>- Fixes: CVE-2010-1386 CVE-2010-1392 CVE-2010-1405 CVE-2010-1407
>- Fixes: CVE-2010-1416 CVE-2010-1417 CVE-2010-1665 CVE-2010-1418
>- Fixes: CVE-2010-1421 CVE-2010-1422 CVE-2010-1501 CVE-2010-1767
>- Fixes: CVE-2010-1664 CVE-2010-1758 CVE-2010-1759 CVE-2010-1760
>- Fixes: CVE-2010-1761 CVE-2010-1762 CVE-2010-1770 CVE-2010-1771
>- Fixes: CVE-2010-1772 CVE-2010-1773 CVE-2010-1774 CVE-2010-2264
Everything before this looks correct.
>- Fixes bugs: 606303 606304 615728 615729 631583 631948 631946 631942
>- Fixes bugs: 631939
Remove 631948, 631946, 631942, and 631949 - those issues are not yet
corrected upstream (they're corrected in webkit svn, but not in
webkitgtk). They'll be fixed in 1.2.5 I think (as a hint, the CVE
names they reference (CVE-2010-18*) are nowhere in the above list).
Ah yes, it's been a crazy day. :(
Sorry about that.
Once those four bugs are removed, I think it's good. =)
ok. Will push the updates now.
Thanks.
kevin