Re: CVE-2016-2839 / Firefox-ESR

To: Mike Hommey <mh@glandium.org>, Chris Lamb <chris@chris-lamb.co.uk>
Cc: debian-lts@lists.debian.org, team@security.debian.org
Subject: Re: CVE-2016-2839 / Firefox-ESR
From: Brian May <bam@debian.org>
Date: Fri, 19 Aug 2016 17:39:02 +1000
Message-id: <[🔎] 87vayx438p.fsf@prune.linuxpenguins.xyz>
In-reply-to: <[🔎] 20160817083426.bc7ltslwjdpma7ou@glandium.org>
References: <[🔎] 87fuq36f4g.fsf@prune.linuxpenguins.xyz> <[🔎] 1471420830.1306019.697713113.5E4B983E@webmail.messagingengine.com> <[🔎] 20160817083426.bc7ltslwjdpma7ou@glandium.org>

Mike Hommey <mh@glandium.org> writes:

> All 45.3.0esr-1* versions are fixed, but this only actually affects when
> playing videos with ffmpeg 0.10 installed. *not* ffmpeg 1.0, *not*
> libav. So for most practical purposes, wheezy and jessie are not
> /really/ affected as long as only packages from wheezy and jessie are
> used.

So we should remove the entry from data/dla-needed.txt, right?
-- 
Brian May <bam@debian.org>

Reply to:

Follow-Ups:
- Re: CVE-2016-2839 / Firefox-ESR
  - From: Luciano Bello <luciano@debian.org>

References:
- CVE-2016-2839 / Firefox-ESR
  - From: Brian May <brian@linuxpenguins.xyz>
- Re: CVE-2016-2839 / Firefox-ESR
  - From: Chris Lamb <chris@chris-lamb.co.uk>
- Re: CVE-2016-2839 / Firefox-ESR
  - From: Mike Hommey <mh@glandium.org>

Prev by Date: Re: Wheezy update of libgcrypt11?
Next by Date: Re: Wheezy update of chicken?
Previous by thread: Re: CVE-2016-2839 / Firefox-ESR
Next by thread: Re: CVE-2016-2839 / Firefox-ESR
Index(es):
- Date
- Thread