[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: dropbear 2014.65-1+deb8u3 to fix CVE-2018-15599

Hi Guilhem,

On Fri, Aug 24, 2018 at 08:22:50AM +0000, Holger Levsen wrote:
> > dropbear 2014.65-1+deb8u2 from jessie-security is vulnerable to
> > CVE-2018-15599:
> >     dget -x https://people.debian.org/~guilhem/tmp/dropbear_2014.65-1+deb8u3.dsc
> nice. I'll sponsor your upload shortly and will then also send a DLA.

I cannot see CVE-2018-15599 fixed in sid, so I will hold back uploading
to jessie-security until this is the case.

According to https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=906890#31
(written by you :) the issue is fixed upstream, so I expect you'll
upload it shortly?



Attachment: signature.asc
Description: PGP signature

Reply to: