Re: Wheezy update of openssl

To: Thorsten Alteholz <debian@alteholz.de>, Kurt Roeckx <kurt@roeckx.be>
Cc: debian-lts@lists.debian.org
Subject: Re: Wheezy update of openssl
From: Emilio Pozuelo Monfort <pochu@debian.org>
Date: Tue, 19 Dec 2017 21:12:32 +0100
Message-id: <[🔎] 5a1aea58-ee74-ab37-58ae-d6fd64eed366@debian.org>
In-reply-to: <[🔎] alpine.DEB.2.02.1712101953280.13531@jupiter.server.alteholz.net>
References: <[🔎] alpine.DEB.2.02.1712101953280.13531@jupiter.server.alteholz.net>

On 10/12/17 19:55, Thorsten Alteholz wrote:
> Hi Kurt,
> 
> I added you for CVE-2017-3737 to dla-needed.txt.
> 
> If there is no need for an update, please tell the LTS team.

I marked this as postponed (following jessie) as a buggy application is needed
for a user to exploit this. Unless it is determined that we have such
applications out there, this can wait for the next openssl update.

Cheers,
Emilio

Reply to:

References:
- Wheezy update of openssl
  - From: Thorsten Alteholz <debian@alteholz.de>

Prev by Date: Re: Wheezy update of irssi?
Next by Date: Re: Contact maintainers via bts [was Re: Debconf 2017 LTS BoF Summary]
Previous by thread: Wheezy update of openssl
Next by thread: Wheezy update of evince?
Index(es):
- Date
- Thread