[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: squeeze update of libvpx?

On Thu, Aug 20, 2015 at 10:04:56AM +0200, Ben Hutchings wrote:
> On Thu, 2015-08-20 at 10:09 +0300, Sebastian Dröge wrote:
> > Hi,
> > 
> > On Mi, 2015-08-19 at 23:29 +0200, ben@decadent.org.uk wrote:
> > > Hello dear maintainer(s),
> > > 
> > > the Debian LTS team would like to fix the security issues which are
> > > currently open in the Squeeze version of libvpx:
> > > https://security-tracker.debian.org/tracker/CVE-2015-4485
> > > https://security-tracker.debian.org/tracker/CVE-2015-4486
> > > 
> > > Would you like to take care of this yourself? We are still 
> > > understaffed so any help is always highly appreciated.
> > 
> > I would update the package, but unfortunately I don't know what changes
> > are fixing these CVEs and there's not much information publically
> > available.
> 
> Yes, I realised that when trying to work out whether squeeze is
> affected.

I've pinged mozilla again to make the content of the bugs public.
Cheer,
 -- Guido
Reply to: