Re: Wheezy update of ledger?

To: ola@inguza.com, Matt Palmer <mpalmer@debian.org>
Cc: debian-lts@lists.debian.org
Subject: Re: Wheezy update of ledger?
From: David Bremner <bremner@debian.org>
Date: Wed, 06 Sep 2017 20:43:41 -0300
Message-id: <[🔎] 87d173wfyq.fsf@tethera.net>
In-reply-to: <[🔎] 20170906193300.lsvsvhupemhyh4an@inguza.net>
References: <[🔎] 20170906193300.lsvsvhupemhyh4an@inguza.net>

Ola Lundqvist <ola@inguza.com> writes:

> Dear maintainers,
>
> The Debian LTS team would like to fix the security issues which are
> currently open in the Wheezy version of ledger:
> https://security-tracker.debian.org/tracker/CVE-2017-2807
> https://security-tracker.debian.org/tracker/CVE-2017-2808
>
> These two issues do not seem to be trivial to exploit in an useful way
> but it is better to be safe than sorry so therefore it would be good to
> have them fixed.
>
> Would you like to take care of this yourself?

No, I have no plans to work on LTS support for ledger.

As far as I know there isn't currently a fix for these problems 
(in any release of Debian or upstream). If you know otherwise
please follow up to Debian bug 870900.

Reply to:

References:
- Wheezy update of ledger?
  - From: Ola Lundqvist <ola@inguza.com>

Prev by Date: About the security issues affecting libraw in Wheezy
Next by Date: Re: About the security issues affecting python-django in Wheezy
Previous by thread: Wheezy update of ledger?
Next by thread: Wheezy update of bzr?
Index(es):
- Date
- Thread