Hi I'll let the person doing the update judge whether the patch is premature or not. Generally I do not think we need to wait for upstream.
Best regards // Ola On 24 January 2017 at 08:57, Michael Tokarev <[email protected]> wrote: > 24.01.2017 10:42, Ola Lundqvist wrote: >> CVE-2016-9602 > > this is about 9pfs. In wheezy, this is hardly used by anyone, > as it is very slow and quite unstable. But yes, it migth be a > real security issue. > > However, the patch for this issue isn't upstream yet, it is > only seen in the redhat bugtracker. Isn't it a bit premature > to apply it to wheezy? > > Thanks, > > /mjt -- --- Inguza Technology AB --- MSc in Information Technology ---- / [email protected] Folkebogatan 26 \ | [email protected] 654 68 KARLSTAD | | http://inguza.com/ Mobile: +46 (0)70-332 1551 | \ gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9 / ---------------------------------------------------------------
