Control: tags -1 -moreinfo +confirmed On Mon, 2018-06-11 at 22:07 +0200, Bertrand Marc wrote: > Le 08/06/2018 à 22:24, Adam D. Barratt a écrit : > > Control: tags -1 + moreinfo > > > > On Thu, 2017-12-28 at 17:32 +0100, Bertrand Marc wrote: > > > Would you allow an update of libextractor 1.3-2 in Jessie to fix > > > several minor security issues? > > > 7 issues skipped by the security teams: > > > > > > > [...] > > > * CVE-2017-15600 <https://security-tracker.debian.org/tracker/ > > > CVE- > > > 2017-15600>: In GNU Libextractor 1.4, there is a NULL Pointer > > > Dereference in the > > > EXTRACTOR_nsf_extract_method function of > > > plugins/nsf_extractor.c. > > > > > > > I assume the same issue that Julien raised for the stretch package > > applies here. > > > > Regards, > > > > Adam > > Indeed. The attached patch would fix the issue.
Thanks. Please go ahead. Regards, Adam
