Hi On 2016-10-12 00:13:30, Markus Koschany wrote: > On 09.10.2016 23:36, Hugo Lefeuvre wrote: > > Hello dear maintainer(s), > > > > the Debian LTS team would like to fix the security issues which are > > currently open in the Wheezy version of libass: > > https://security-tracker.debian.org/tracker/source-package/libass > > > > Would you like to take care of this yourself? > > [...] > > Hello, > > I have prepared a security update for libass in Wheezy but I think the > patches can be reused for Jessie as well. I have also marked > CVE-2016-7970 as fixed in Wheezy and it looks to me this also applies to > Jessie. I'd be glad if you could take a look at the debdiff (attached) > and tell me what you think about CVE-2016-7970 and CVE-2016-7971 which > appears to be unfixed, even disputed upstream. I have not had the time to look at the CVEs in jessie yet, so I cannot say anothing regarding the patches for jessie and less so for wheezy. Cheers -- Sebastian Ramacher
Attachment:
signature.asc
Description: PGP signature