On Mon, Jul 15, 2019 at 10:28:41AM +0200, Raphael Hertzog wrote: > Hi, > > On Sun, 14 Jul 2019, Roberto C. Sánchez wrote: > > My inclination is to add the 3.26.2 patch to the nss in jessie. > > However, I wanted to ask before making that change in the event that > > there is a reason the change should not be made. > > > > Do you have any insight you can add here? > > I don't remember anything but you can lookup > https://lists.debian.org/debian-lts/2016/12/threads.html and it seems that > the security team had no CVE severe enough to justify an update at that > time. > Quite right. I should have checked the list archives.
> I think you can bump to 3.26.2 if you think it's the right course of > action. > That does some right to me. Thanks very much for the pointer and the feedback. Regards, -Roberto -- Roberto C. Sánchez
