Control: tags -1 + confirmed On Thu, 2017-07-27 at 15:01 -0700, Noah Meyerhans wrote: > I'd like to update ipsec-tools in the next oldstable point release to > address a security vulnerability in which a remote unauthenticated > attacker could cause racoon to exhause CPU resources resulting in a > denial-of-service. Because the issue has been known for some time, the > security team does not feel that this warrants a DSA. Instead it should > be updated via (old)stable-updates. See > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867986 for details.
+ipsec-tools (1:0.8.2+20140711-2+deb8u2) oldstable; urgency=medium We'd prefer that codenames were used for changelog distributions - i.e. "jessie" here. Please go ahead. Regards, Adam
