[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Fixing CVE-2016-9839 for mapserver in wheezy

On 2016-12-07 09:49, Chris Lamb wrote:
Sebastiaan Couwenberg wrote:

Thanks, the fixed version has been uploaded, but the security-tracker
marks it (6.0.1-3.2+deb7u3) as vulnerable which is incorrect.

The security-tracker is generated from the files in the secure-testing
repository, not from the archive itself.

Can you confirm whether you will be generating a DLA and sending it to
debian-lts-announce or not? No obligation whatsoevr just let me know
either way otherwise I am waiting for your reply to avoid duplicating it

If you can do already, please generate and send the DLA.

This is my first time working with the LTS project, so I at least need to review the docs for the DLA procedure.

I can do that after I get home from $DAYJOB today, but I think you can do that much sooner.

After announcing it, I will mark it as fixed.


Kind Regards,


Reply to: