Hi, if you're interested in addressing this CVE, you can find a fixed version for jessie at https://salsa.debian.org/debian/pound/tree/jessie An amd64 binary package can be found here: https://salsa.debian.org/debian/pound/-/jobs/221014/artifacts/browse/debian/output/ Regards, Carsten