Review security of libeap/wpa_supplicant and send mail to security team explaining...

author Sam Hartman <hartmans@debian.org>

Thu, 23 Oct 2014 16:06:01 +0000 (12:06 -0400)

committer Sam Hartman <hartmans@debian.org>

Thu, 23 Oct 2014 16:06:01 +0000 (12:06 -0400)
author Sam Hartman <hartmans@debian.org>
Thu, 23 Oct 2014 16:06:01 +0000 (12:06 -0400)
committer Sam Hartman <hartmans@debian.org>
Thu, 23 Oct 2014 16:06:01 +0000 (12:06 -0400)
diff --git a/debian/TODO b/debian/TODO

index 801a99a..3e5daf9 100644 (file)
--- a/debian/TODO
+++ b/debian/TODO
@@ -1,12 +1,3 @@
-* Give the security team a change to comment on the included code from
-  wpa_supplicant.  There's really no other way; their ABI is not
-  stable enough that it would make sense to build eap shared libraries
-  out of the wpa_supplicant package.  The code is relatively stable,
-  and I think this is the best approach but the security team should
-  be given a heads up.
-
-* Confirm there are not security fixes we need to pull in from wpa_supplicant.
-
  * Not a release blocker for jessie although the security fix
    confirmation above certainly is.  Upgrade to latest wpa_supplicant.
    We have a procedure for doing that (subtree merge of our git master
diff --git a/debian/changelog b/debian/changelog

index 9d8aa18..5aa07bc 100644 (file)
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+moonshot-gss-eap (0.9.2-3) unstable; urgency=medium
+
+  * Review security of libeap/wpa_supplicant and send mail to security
+    team explaining why I believe moonshot-gss-eap is supportable, Closes:
+    #766476
+
+ -- Sam Hartman <hartmans@debian.org>  Thu, 23 Oct 2014 12:05:38 -0400
+
  moonshot-gss-eap (0.9.2-2) unstable; urgency=medium
  
    * Incorporate ustream deltas:
author	Sam Hartman <hartmans@debian.org>
	Thu, 23 Oct 2014 16:06:01 +0000 (12:06 -0400)
committer	Sam Hartman <hartmans@debian.org>
	Thu, 23 Oct 2014 16:06:01 +0000 (12:06 -0400)
debian/TODO		patch \| blob \| history
debian/changelog		patch \| blob \| history