Hi Guilhem, On Sat, 20 May 2017, Guilhem Moulin wrote:
I did check that public key authentication is still working under 2012.55-1.3+deb7u2 (I didn't make any other check though).
thanks a lot for that fix, I just uploaded your new version to wheezy-security. Later I will also send the DLA ...
Note that 2017.75 fixes another security vulnerability, namely CVE-2017-9078, but I believe that 2012.55 is not affected by the double free. Not sure how to tell the security tracker, though.
Ok, I marked that CVE as not-affected for Wheezy.
Thanks for your work on Debian LTS!
Many thanks to you for the patch. Thorsten
