Re: squeeze update of libvpx?

To: ben@decadent.org.uk
Cc: debian-lts@lists.debian.org
Subject: Re: squeeze update of libvpx?
From: Sebastian Dröge <slomo@debian.org>
Date: Thu, 20 Aug 2015 10:09:40 +0300
Message-id: <[🔎] 1440054580.2186.103.camel@debian.org>
In-reply-to: <[🔎] 1440019791.2632.6.camel@decadent.org.uk>
References: <[🔎] 1440019791.2632.6.camel@decadent.org.uk>

Hi,

On Mi, 2015-08-19 at 23:29 +0200, ben@decadent.org.uk wrote:
> Hello dear maintainer(s),
> 
> the Debian LTS team would like to fix the security issues which are
> currently open in the Squeeze version of libvpx:
> https://security-tracker.debian.org/tracker/CVE-2015-4485
> https://security-tracker.debian.org/tracker/CVE-2015-4486
> 
> Would you like to take care of this yourself? We are still 
> understaffed so any help is always highly appreciated.

I would update the package, but unfortunately I don't know what changes
are fixing these CVEs and there's not much information publically
available. The only thing I know is that it's fixed by 1.4.0, but I
assume you don't want to update to that as it includes lots of changes.

Sebastian

Attachment: signature.asc
Description: This is a digitally signed message part

Reply to:

Follow-Ups:
- Re: squeeze update of libvpx?
  - From: Ben Hutchings <ben@decadent.org.uk>

References:
- squeeze update of libvpx?
  - From: ben@decadent.org.uk

Prev by Date: Re: squeeze update of python-django?
Next by Date: Re: squeeze update of libvpx?
Previous by thread: squeeze update of libvpx?
Next by thread: Re: squeeze update of libvpx?
Index(es):
- Date
- Thread