Re: Fixing CVE-2017-1000426 in mapproxy for stretch

To: Moritz Mühlenhoff <jmm@inutil.org>
Cc: team@security.debian.org, Debian GIS Project <debian-gis@lists.debian.org>
Subject: Re: Fixing CVE-2017-1000426 in mapproxy for stretch
From: Sebastiaan Couwenberg <sebastic@xs4all.nl>
Date: Sun, 7 Jan 2018 22:25:20 +0100
Message-id: <[🔎] 09c52c2c-9576-9296-ef16-652af95819a4@xs4all.nl>
In-reply-to: <[🔎] 20180107210915.GA20405@pisco.westfalen.local>
References: <[🔎] 944676b9-c3c3-7ec0-410c-9ad53b024249@xs4all.nl> <[🔎] 20180107210915.GA20405@pisco.westfalen.local>

Hi Moritz,

On 01/07/2018 10:09 PM, Moritz Mühlenhoff wrote:
> On Sun, Jan 07, 2018 at 09:53:54AM +0100, Sebastiaan Couwenberg wrote:
>> After noticing the mapproxy security issue in the tracker I've gone
>> ahead and backported the upstream patch for the 1.9.0 package in
>> stretch. See the attached debdiff.
> 
> Thanks for reaching out proactively! But that doesn't warrant a DSA,
> the impact is fairly limited.
> 
> Could you please fix this through a stretch point update instead?

Thanks for the feedback, stretch-pu filed: #886589.

Kind Regards,

Bas

Reply to:

References:
- Fixing CVE-2017-1000426 in mapproxy for stretch
  - From: Sebastiaan Couwenberg <sebastic@xs4all.nl>
- Re: Fixing CVE-2017-1000426 in mapproxy for stretch
  - From: Moritz Mühlenhoff <jmm@inutil.org>

Prev by Date: Re: Fixing CVE-2017-1000426 in mapproxy for stretch
Next by Date: Re: Migration from Alioth to Salsa
Previous by thread: Re: Fixing CVE-2017-1000426 in mapproxy for stretch
Next by thread: Re: Migration from Alioth to Salsa
Index(es):
- Date
- Thread