On 2017-08-31 15:08:08, Lars-Johan Liman wrote:
> On 8/31/2017 5:54 AM, Lars-Johan Liman wrote:
> >> Just curious: is this patch available in the Github repository or does
> >> "waiting" mean somewhere else?
> > Its not in the repository.
> Ack. Thanks.
For anyone interested I saw Debian Security Advisory DSA-4055-1
(relating to newly published CVE-2017-17439) which is regarding the
problem discussed in this thread.
This made me look in the repo and the upstream fix is now public:
Here is an issue with additional information: