Hi Holger, On Fri, 24 Aug 2018 at 09:06:43 +0000, Holger Levsen wrote: > On Fri, Aug 24, 2018 at 08:22:50AM +0000, Holger Levsen wrote: >>> dropbear 2014.65-1+deb8u2 from jessie-security is vulnerable to >>> CVE-2018-15599: >>> dget -x https://people.debian.org/~guilhem/tmp/dropbear_2014.65-1+deb8u3.dsc >> nice. I'll sponsor your upload shortly and will then also send a DLA. > > I cannot see CVE-2018-15599 fixed in sid, so I will hold back uploading > to jessie-security until this is the case. > > According to https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=906890#31 > (written by you :) the issue is fixed upstream, so I expect you'll > upload it shortly? Oops yes, sorry for that. Just uploaded 2018.76-4 with the fix :-) -- Guilhem.
Description: PGP signature