On 2015-03-31, Guillaume Delacour <[email protected]> wrote: > Upstream confirm me that the fix is correct for this CVE. The > package uploaded on mentors was not modified since my first mail and > is ready for upload if anybody can/want upload it to stable.
I'm waiting for CVE assignments from MITRE, after which I can release the DSA. > In a second stage, upstream show me other [4] security related > changes done between the actual 2.0.18 stable and the 2.0.5 shipped > in wheezy. Upstream "strongly urge" me to take a look at these > commits to evaluate the impact, maybe someone of the security team > could help me and upstream to review the impact of them. Would that be the commits from 2015-03-26, or others as well ? Cheers, --Seb -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: https://lists.debian.org/[email protected]
