Control: tags -1 -moreinfo +confirmed
On Mon, 2018-06-11 at 22:07 +0200, Bertrand Marc wrote:
> Le 08/06/2018 à 22:24, Adam D. Barratt a écrit :
> > Control: tags -1 + moreinfo
> > On Thu, 2017-12-28 at 17:32 +0100, Bertrand Marc wrote:
> > > Would you allow an update of libextractor 1.3-2 in Jessie to fix
> > > several minor security issues?
> > > 7 issues skipped by the security teams:
> > >
> > [...]
> > > * CVE-2017-15600 <https://security-tracker.debian.org/tracker/
> > > CVE-
> > > 2017-15600>: In GNU Libextractor 1.4, there is a NULL Pointer
> > > Dereference in the
> > > EXTRACTOR_nsf_extract_method function of
> > > plugins/nsf_extractor.c.
> > >
> > I assume the same issue that Julien raised for the stretch package
> > applies here.
> > Regards,
> > Adam
> Indeed. The attached patch would fix the issue.
Thanks. Please go ahead.