On Wednesday 03 June 2015 10:41:38 PICCORO McKAY Lenz wrote: > but exactimage its not the only affected, in fact u'r upload its the > only activity in those issues of the CVE-2015-3885 Yes, but you've wrote to the bug tracking entry for the exactimage and therefore I had to assume that you are also referring to the activity in exactimage. There is also activity in other packages. For example freeimage, libraw, rawtherapee and ufraw received updates in sid. dcraw, darktable, freeimage, rawstudio and xbmc most likely still need a patch. It might be a good idea to check the bug tracker first and (if missing) post some patches for sid. The link to the documentation explaining how to contribute to LTS can be found in the initial mail. Do you have more specific questions? For example how you should post your changes in the packages for review/sponsorship? Kind regards, Sven
Attachment:
signature.asc
Description: This is a digitally signed message part.