Control: tags -1 + confirmed On Fri, 2018-02-09 at 00:15 +0100, Thomas Goirand wrote: > I'd like to push for an update of miniupnpd in Stretch, in order to > fix > CVE-2017-1000494. The security team decided to go without a DSA. > > Attached is the debdiff for the fix.
Please go ahead. > Also, please let me know if my .changes must include the > .orig.tar.gz, > if it must, I'll rebuild with --force-orig-source. I'm sorry for I > never remember when it should or not... :( > No. It's required for the first upload of that .orig to a particular archive (i.e. ftp-master or security), but not for subsequent uploads to that archive. Regards, Adam