Hi Francois,

[Important disclaimer: not part of the release team]

On Tue, Aug 13, 2019 at 11:29:55PM -0700, Francois Marier wrote:
> There is now an additional CVE that affects pdfresurrect in buster and
> stretch:
> 
>   https://security-tracker.debian.org/tracker/CVE-2019-14934
> 
> Neither this one or CVE-2019-14267 are deemed worthy of a DSA however.
> 
> If you approve the first upload I have prepared for buster and stretch, I
> will revise it to include the fix for this second CVE, but I will wait for
> your initial approval before putting any more work into this.

If you are confident with all of the changes that they would be
accepted, then you even can already proceeed. Important is though that
you provide the bugreport and a corresponding debdiff to the SRM.

See the announcement on the new workflow:
https://lists.debian.org/debian-devel-announce/2018/04/msg00007.html

Hope this helps!

Regards,
Salvatore

Reply via email to