Re: CVE-2016-2839 / Firefox-ESR

To: Brian May <bam@debian.org>
Cc: Mike Hommey <mh@glandium.org>, Chris Lamb <chris@chris-lamb.co.uk>, debian-lts@lists.debian.org, team@security.debian.org
Subject: Re: CVE-2016-2839 / Firefox-ESR
From: Luciano Bello <luciano@debian.org>
Date: Fri, 19 Aug 2016 15:57:40 -0400
Message-id: <[🔎] 5102487.eQGKDlo421@box>
In-reply-to: <[🔎] 87vayx438p.fsf@prune.linuxpenguins.xyz>
References: <[🔎] 87fuq36f4g.fsf@prune.linuxpenguins.xyz> <[🔎] 20160817083426.bc7ltslwjdpma7ou@glandium.org> <[🔎] 87vayx438p.fsf@prune.linuxpenguins.xyz>

On Friday 19 August 2016 17.39.02 Brian May wrote:
> > All 45.3.0esr-1* versions are fixed, but this only actually affects when
> > playing videos with ffmpeg 0.10 installed. *not* ffmpeg 1.0, *not*
> > libav. So for most practical purposes, wheezy and jessie are not
> > /really/ affected as long as only packages from wheezy and jessie are
> > used.
> 
> So we should remove the entry from data/dla-needed.txt, right?

Since it was the only issue connected with firefox-esr, I removed it from the 
list.

Thanks! /luciano

Reply to:

References:
- CVE-2016-2839 / Firefox-ESR
  - From: Brian May <brian@linuxpenguins.xyz>
- Re: CVE-2016-2839 / Firefox-ESR
  - From: Mike Hommey <mh@glandium.org>
- Re: CVE-2016-2839 / Firefox-ESR
  - From: Brian May <bam@debian.org>

Prev by Date: Re: matrixssl
Next by Date: Re: Security update of Wordpress
Previous by thread: Re: CVE-2016-2839 / Firefox-ESR
Next by thread: Re: Wheezy update of icu?
Index(es):
- Date
- Thread