Control: tags -1 + confirmed On Wed, 2018-06-06 at 19:54 +0200, [email protected] wrote: > Please consider this update to freedink-dfarc for stretch. > It fixes a security issue that can overwrite arbitrary user files. > Sending to stable following security team's directions from 2018-06- > 01.
+freedink-dfarc (3.12-1+deb9u1) stable; urgency=high Please use "stretch" as the distribution. + * Fix directory traversal in D-Mod extractor (CVE-2018-0496) + * Upload to 'stable' as security team rejected a DSA to + 'stretch-security' (no justification) The changelog is not the place for such commentary - please remove it. With the above changes made, and assuming that the resulting package has been tested on stretch, please feel free to upload. Regards, Adam
