Control: tags -1 + confirmed On Fri, 2016-12-30 at 07:52 +0100, Salvatore Bonaccorso wrote: > src:cairo in jessie is affected by CVE-2016-9082 which would not > warrant a DSA. A while back in october the issue was already fixed in > unstable, cf. #842289. I would like to propose the attached debdiff > for the upcoming point release.
Please go ahead. > Note: in the 1.14.0-2.1 -> 1.14.0-2.1+deb8u1 the binary package > binary-cairo-perf-utils got one more binary added > (/usr/bin/cairo-perf-graph-files). Whit this update that goes back to > the 1.14.0-2.1 situation. Do we know why that happened? Regards, Adam