Dear maintainer(s), The Debian LTS team recently reviewed the security issue(s) affecting your package in Wheezy: https://security-tracker.debian.org/tracker/CVE-2017-8378 https://security-tracker.debian.org/tracker/CVE-2017-8787
We decided that we would not prepare a wheezy security update (usually because the security impact is low and that we concentrate our limited resources on higher severity issues and on the most widely used packages). That said the wheezy users would most certainly benefit from a fixed package. Two suggested patches were created when investigating the issue. However as the problem could not be reproduced the package will not be updated. The proposed patches are attached to the related Debian bug reports. If you want to work on such an update, you're welcome to do so. Please try to follow the workflow we have defined here: https://wiki.debian.org/LTS/Development If that workflow is a burden to you, feel free to just prepare an updated source package and send it to [email protected] (via a debdiff, or with an URL pointing to the source package, or even with a pointer to your packaging repository), and the members of the LTS team will take care of the rest. However please make sure to submit a tested package. Thank you very much. Ola Lundqvist, on behalf of the Debian LTS team.
