Re: Bug#827397: RFS: vlc/2.0.3-5+deb7u3
On Wed, Jun 15, 2016 at 08:03:28PM +0200, Mateusz Łukasik wrote:
> I am looking for a sponsor for my package "vlc"
> * Package name : vlc
> Version : 2.0.3-5+deb7u3
> Changes since the last upload:
> Fix CVE-2016-5108. (Closes: #825728)
I've reviewed the upload, but I'm not sure if you coordinated it
with the LTS team. I find a contradition:
says vlc is no longer supported in wheezy, yet in
the quoted mail sounds as if the upload is expected.
Should I proceed?
As I haven't ever made a security upload before, mine nor sponsored, let me
recap: I make a source-only upload targetted at wheezy-security to
Tested on amd64, the patch indeed fixes the exploit posted in the CVE.
An imaginary friend squared is a real enemy.