Hugo Lefeuvre <hle@debian.org> writes: > Whether CVE-2016-8686 is really exploitable in practice or not is another > question. I note this issue was marked no-dsa for wheezy. -- Brian May <bam@debian.org>