From: Don Armstrong <don@donarmstrong.com>
Date: Sun, 21 May 2017 19:41:50 +0000 (-0700)
Subject: document the changes to backport the fix to #862667
X-Git-Url: https://git.donarmstrong.com/?a=commitdiff_plain;h=refs%2Fheads%2Fbackport_fix_for_862667;p=perltidy.git

document the changes to backport the fix to #862667
---

diff --git a/debian/changelog b/debian/changelog
index deeb54a5..7c678eaf 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,11 +1,9 @@
-perltidy (20160302-1) unstable; urgency=medium
+perltidy (20140328-2) unstable; urgency=high
 
-  * New upstream release
-  * Die if an existing perltidy.ERR cannot be removed to block overwriting
-    of arbitrary files by a symlink attack. (closes: #862667) Thanks to
-    Jakub Wilk for identifying this issue.
+  * Backport fix for CVE-2016-10374 which fixes insecure file deletion of
+    perltidy.ERR and perltidy.LOG files (closes: #862667)
 
- --
+ -- Don Armstrong <don@debian.org>  Sun, 21 May 2017 12:41:30 -0700
 
 perltidy (20140328-1) unstable; urgency=medium