Control: tags -1 + confirmed
On Mon, 2016-09-12 at 22:32 +0200, Roger Kalt wrote:
> Update closes bug https://bugs.debian.org/836505 which allowed to post entry
> arbitrary username by improper authentication.
+elog (2.9.2+2014.05.11git44800a7-3) jessie; urgency=medium
+ * Added patch 0005_elogd_CVE-2016-6342_fix to fix posting entry as
+ arbitrary username (Closes: #836505, CVE-2016-6342)
The version number should be "2.9.2+2014.05.11git44800a7-2+deb8u1",
please. With that change, please go ahead.