Re: NSS CVE-2013-1739 in squeeze-backports

To: pkg-mozilla-maintainers@lists.alioth.debian.org
Cc: debian-backports@lists.debian.org
Subject: Re: NSS CVE-2013-1739 in squeeze-backports
From: intrigeri <intrigeri@debian.org>
Date: Mon, 16 Dec 2013 13:31:32 +0100
Message-id: <[🔎] 85ppoxht97.fsf@boum.org>
In-reply-to: <85iowbma9k.fsf@totally-fudged-out-message-id> (intrigeri@debian.org's message of "Sat, 02 Nov 2013 10:19:03 +0100")
References: <85iowbma9k.fsf@totally-fudged-out-message-id>

Hi,

intrigeri wrote (02 Nov 2013 09:19:03 GMT) :
> are there plans to fix CVE-2013-1739 in squeeze-backports,
> likely via a 2:3.14.4-1~bpo60+1 upload?

Ping?

Since then, CVE-2013-5605 (rated "critical" by Mozilla) popped up and
was fixed a month ago in stable.

Any reason I'm missing against a nss 3.14.5-1~bpo60+1 upload to
squeeze-backports? Fixing CVE-2013-1741 and CVE-2013-5606 in stable
first, perhaps?

I will take care of the testing and upload unless the maintainers ask
me to refrain.

Cheers,
--
  intrigeri
  | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
  | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc

Reply to:

Prev by Date: Re: Backport requirements exception for some packages (php5)
Next by Date: Re: Backport requirements exception for some packages (php5)
Previous by thread: Re: [php-maint] Backport requirements exception for some packages (php5)
Next by thread: please remove bitcoin from backports
Index(es):
- Date
- Thread