Control: tags -1 + confirmed On Tue, 2015-06-09 at 19:53 +0200, Philip Rinn wrote: > rawtherapee is affected by the security issue CVE-2015-3885. It's marked > no-dsa > that's why I want to coordinate the update with you. > > I attached the debdiff.
+rawtherapee (4.0.9-4+deb7u1) wheezy-security; urgency=high + + * Add patch debian/patches/04-fix_CVE-2015-3885.patch: + - Fix dcraw imput sanitization errors (CVE-2015-3885) As with the jessie update, please drop "-security" from the distribution and go ahead. Regards, Adam -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: https://lists.debian.org/[email protected]
