Hi, On Thu, Jun 30, 2016 at 09:42:44PM +0200, Salvatore Bonaccorso wrote: > Package: release.debian.org > Severity: normal > Tags: jessie > User: [email protected] > Usertags: pu > > Hi stable release managers, > > wget in stable is affected by CVE-2016-4971, an issue where wget does > not correctly handle filenames when beeing redirected from a HTTP to a > FTP URL. We think that this does not necessarly need a DSA, but still > would be good to be fixed in stable. I thus have prepared a debdiff, > attached. Bug in BTS is #827003. > > The debdiff contains an increasing debian/wget.debhelper.log. > > If you allow me to, I can prepare a new debdiff, to clean this up as > well, by using dh_prep instead of dh_clean -k for the build target. > Would that be fine? > > But attached the debdiff without that packaging change.
JFTR, if actually Noël Köthe <[email protected]> would like to do the upload himself, I can happily hand over. Regards, Salvatore
