On Feb/26, Markus Koschany wrote: > Am 19.02.2016 um 13:10 schrieb Stian Soiland-Reyes: > > Hi, > > > > BeanShell aka bsh has released a security fix 2.0b6: > > > > https://github.com/beanshell/beanshell/releases/tag/2.0b6 > > > > It has been reported to MITRE as CVE-2016-2510. > > Hi Stian, > > I intend to backport your changes to fix CVE-2016-2510. Looking at the > relevant commits, I could condense the changes to create the attached > patch. Could you take a look at it and confirm that this is sufficient?
Hi Markus, now that upstream has validated your patch, do you intend to package and upload fixed versions for both wheezy- and jessie-security ? In that case, I'd be happy to validate both your debdiffs prior to your uploading, and then we can release the DSA. Cheers, --Seb
