Hi, I'd like to prepare an LTS upload for libav[0]. The upstream patch for CVE-2016-7393 is very simple and could be grouped with patches from older analogous CVEs like CVE-2015-8662 in a broad LTS upload. Does anybody think it's a bad idea ? These CVEs are minor security issues, so we could also mark them as no-dsa. Cheers, Hugo [0] https://security-tracker.debian.org/tracker/source-package/libav -- Hugo Lefeuvre (hle) | www.owl.eu.com 4096/ ACB7 B67F 197F 9B32 1533 431C AC90 AC3E C524 065E
Attachment:
signature.asc
Description: PGP signature