Re: Fixing CVE-2016-9839 for mapserver in wheezy
On 12/06/2016 11:22 PM, Chris Lamb wrote:
> Sebastiaan Couwenberg wrote:
>
>> Are these changes OK for wheezy-lts? The security team did not consider
>> it severe enough for a DSA
>
> I was somewhat on the fence when triaging this, but as you have backported
> the patch it seems a waste to throw it away now. Please go ahead and upload.
Thanks, the fixed version has been uploaded, but the security-tracker
marks it (6.0.1-3.2+deb7u3) as vulnerable which is incorrect.
Kind Regards,
Bas
--
GPG Key ID: 4096R/6750F10AE88D4AF1
Fingerprint: 8182 DE41 7056 408D 6146 50D1 6750 F10A E88D 4AF1
Reply to: