[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Wheezy update of vorbis-tools for CVE-2015-6749

Hi.  I got tired of CVE-2015-6749 showing up on
<URL: https://udd.debian.org/dmd.cgi?email1=pere%40debian.org > and
would like to provide an update for oldoldstable/Wheezy to fix the old
security issue.  Alexander Wirt suggested I follow the procedure on
<URL: https://wiki.debian.org/LTS/Development >, but I must admit I am
not up to date on the latest procedure and wonder if someone might help

The fixed package is available in git as
<URL: https://anonscm.debian.org/cgit/pkg-xiph/vorbis-tools.git/log/?h=debian/wheezy >.
It uses the same patch as was used to fix the issue in jessie, stretch
and beyon.

Should this update be announced on the announcement list?  Does it need
a DLA?  The security team tagged it no-dsa.  I can build, test and
upload, but am unsure abount the announcing part.

Happy hacking
Petter Reinholdtsen

Reply to: