** Tags added: trusty
** Description changed:
The current package available to 14.04/trusty is 1:1.2.8.dfsg-1ubuntu1
which does not have the upstream fixes for the following CVEs:
- * CVE-2016-9840 (high)
- * CVE-2016-9841 (critical)
- * CVE-2016-9842 (high)
- * CVE-2016-9843 (critical
+
Public bug reported:
The current package available to 14.04/trusty is 1:1.2.8.dfsg-1ubuntu1
which does not have the upstream fixes for the following CVEs:
* CVE-2016-9840 (high) (https://nvd.nist.gov/vuln/detail/CVE-2016-9840)
* CVE-2016-9841 (critical)