[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: dropbear 2014.65-1+deb8u3 to fix CVE-2018-15599

Hi Holger,

On Fri, 24 Aug 2018 at 09:06:43 +0000, Holger Levsen wrote:
> On Fri, Aug 24, 2018 at 08:22:50AM +0000, Holger Levsen wrote:
>>> dropbear 2014.65-1+deb8u2 from jessie-security is vulnerable to
>>> CVE-2018-15599:
>>>   dget -x https://people.debian.org/~guilhem/tmp/dropbear_2014.65-1+deb8u3.dsc
>> nice. I'll sponsor your upload shortly and will then also send a DLA.
> I cannot see CVE-2018-15599 fixed in sid, so I will hold back uploading
> to jessie-security until this is the case.
> According to https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=906890#31
> (written by you :) the issue is fixed upstream, so I expect you'll
> upload it shortly?

Oops yes, sorry for that.  Just uploaded 2018.76-4 with the fix :-)


Attachment: signature.asc
Description: PGP signature

Reply to: