Hi, On Wed, Sep 27, 2017 at 06:48:07PM +0200, Emilio Pozuelo Monfort wrote: > Hi, > > I've prepared fixes for CVE-2017-10140 which affects src:db (5.1), src:db4.7 > and > src:db4.8 in wheezy. Of those, the most important one is src:db, which is the > one with actual reverse dependencies. However the other two also ship the > shared > library in db4.[78]-util, so I'll also fix those to be safe. > > I'll wait a few days to give a chance to get more testing on this, maybe even > wait for the (old)stable point releases which will ship updates to their > respective db versions containing this fix, to see if any regressions get > reported. Though if you have a chance to test these in wheezy (especially > libdb5.1) then all the better.
I just wanted to give these a spin but didn't see any URLs to packages or attached patches. Did I miss s.th.? Cheers, -- Guido > > Thanks! > Emilio >
