Hi, I've prepared fixes for CVE-2017-10140 which affects src:db (5.1), src:db4.7 and src:db4.8 in wheezy. Of those, the most important one is src:db, which is the one with actual reverse dependencies. However the other two also ship the shared library in db4.[78]-util, so I'll also fix those to be safe.
I'll wait a few days to give a chance to get more testing on this, maybe even wait for the (old)stable point releases which will ship updates to their respective db versions containing this fix, to see if any regressions get reported. Though if you have a chance to test these in wheezy (especially libdb5.1) then all the better. Thanks! Emilio
