On Thu, 2015-07-23 at 01:09 +0200, Luigi Gangitano wrote: > > > > Il giorno 23/lug/2015, alle ore 00:07, Ben Hutchings <benh@debian.org> ha scritto: > > > > On Wed, 2015-07-22 at 23:02 +0200, Luigi Gangitano wrote: > > > Hi Ben, > > > > > > Thanks for the heads up on LTS security issues in squid3. > > > > > > We’ve already prepared an update for CVE-2015-5400 for jessie and are > > > willing to contribute an update for squeeze to. The link you sent me > > > is not working so I’m unable to check if other security issues are > > > open and co-ordinate a single package update. > > > > Sorry, I think this was the issue covered by > > . > > That was removed from the tracker by > > > > as it doesn't actually affect the Debian package. > > Ok, so no need for an updated squid3 in LTS? The squeeze-lts version does seem to be affected by CVE-2015-5400. Ben. -- Ben Hutchings - Debian developer, member of Linux kernel and LTS teams
Attachment:
signature.asc
Description: This is a digitally signed message part