Hi John,

On 15.01.20 17:22, John McCabe wrote:
> Hi, 
> I notice that a patch for CVE-2017-14062 was made available for jessie
> (security), bullseye, sid and buster but not stretch.
> 
> Could I possibly ask why stretch didn't get a fix (I assume there's a
> policy that I'm not aware of so apologies in advance for a dumb question.).

That is a decision made by Debian and we are not Debian or part of it.

Maybe someone reading this ML can answer your question. But still the
best place for such a question would IMO be https://bugs.debian.org
(package libidn11) or one of Debian's mailing lists (can say which is
the best).

Regards, Tim

Attachment: signature.asc
Description: OpenPGP digital signature

Reply via email to